1
0
Fork 0

REAMDE.md: update

main
urosm 2024-05-05 18:04:41 +02:00
parent 065eb43c1f
commit 4d85915148
1 changed files with 31 additions and 110 deletions

141
README.md
View File

@ -1,150 +1,71 @@
# dot # dot
This repo tracks user and system configuration files, installed packages This repo tracks user and system configuration files, installed packages
and used commands for several machines or virtual servers. All are and initial command history for setting-up a desktop environment running Debian
running Debian. The `milano` section documents our desktop setup based testing/unstable with `sway`, `foot`, `fuzzel` and `neovim`.
on `sway`, `foot`, `neovim` and `fzy`.
## milano ## bootstrap the dotfiles
```sh ```
# urosm@milano
## bootstrap dotfiles
sudo apt install git sudo apt install git
git init -b main git init -b main
git remote add origin gitea@git.kompot.si:urosm/dot.git git remote add origin gitea@git.kompot.si:urosm/dot.git
git pull origin main git pull origin main
## disable annoying .sudo_as_admin_successful file ```
## setup urosm@milano
```sh
# disable the annoying `.sudo_as_admin_successful` file
sudo cp -ri .config/sudoers.d /etc/ sudo cp -ri .config/sudoers.d /etc/
## update to debian testing # update to debian testing
sudo cp -ri .config/apt /etc/ sudo cp -ri .config/apt /etc/
sudo apt update sudo apt update
sudo apt full-upgrade sudo apt full-upgrade
sudo apt install apt-listbugs apt-listchanges # reconfigure locales
## reconfigure locales
sudo dpkg-reconfigure locales sudo dpkg-reconfigure locales
## install tasksel packages # configure and start firewall
sudo tasksel install web-server sudo cp -ri .config/nftables.conf /etc/
sudo tasksel install ssh-server systemctl enable --now nftables.service
## harden ssh # configure and install networking
sudo cp -ri .config/ssh /etc/
systemctl restart sshd
## install and configure firewall
sudo apt install ufw
sudo ufw allow "SSH"
sudo ufw allow 1194/udp
sudo ufw enable
## install utils
sudo apt install network-manager
sudo cp -ir .config/network /etc/ sudo cp -ir .config/network /etc/
sudo apt install network-manager
# install utils
sudo apt install udisks2 sudo apt install udisks2
sudo apt install jq sudo apt install jq
sudo apt install fzy # install desktop packages
## install neovim
sudo apt install neovim
## install desktop packages
sudo apt install sway sudo apt install sway
sudo apt install swayidle swaylock sudo apt install swayidle swaylock
sudo apt install brightnessctl wlsunset sudo apt install brightnessctl wlsunset
sudo apt install wl-clipboard grim sudo apt install grim
sudo apt install libnotify-bin mako-notifier sudo apt install mako-notifier libnotify-bin
sudo apt install fonts-agave sudo apt install fonts-agave
## install and configure audio packages # install neovim
sudo apt install neovim wl-clipboard
# install and configure audio packages
sudo apt install pipewire-audio sudo apt install pipewire-audio
systemctl --user enable --now wireplumber.service systemctl --user enable --now wireplumber.service
## install writing packages # install writing packages
sudo apt install make sudo apt install make
sudo apt install pandoc sudo apt install pandoc
sudo apt install texlive-latex-extra sudo apt install texlive-latex-extra
sudo apt install texlive-lang-european sudo apt install texlive-lang-european
## install web packages # install web packages
sudo apt install firefox sudo apt install firefox
sudo apt install thunderbird sudo apt install thunderbird
## install media packages # install media packages
sudo apt install mpv sudo apt install mpv
sudo apt install zathura sudo apt install zathura
sudo apt install inkscape sudo apt install inkscape
## install office packages # install office packages
sudo apt install libreoffice libreoffice-gtk3 sudo apt install libreoffice libreoffice-gtk3
sudo apt install libreoffice-l10n-sl sudo apt install libreoffice-l10n-sl
## install printing packages # install printing and scanning packages
sudo apt install cups printer-driver-all sudo apt install cups printer-driver-all
sudo adduser urosm lpadmin sudo adduser urosm lpadmin
## install scanning packages
sudo apt install simple-scan sudo apt install simple-scan
## install pdf processing packages # install pdf processing packages
sudo apt install qpdf ocrmypdf sudo apt install qpdf ocrmypdf
## install rdp packages # install rdp packages
sudo apt install remmina sudo apt install remmina
## install and setup ikiwiki
sudo apt install ikiwiki
sudo apt install libfile-mimeinfo-perl libhighlight-perl libhtml-tree-perl libimage-magick-perl liblocale-gettext-perl libmailtools-perl libnet-amazon-s3-perl libnet-inet6glue-perl libsearch-xapian-perl libsort-naturally-perl libtext-csv-perl libtext-multimarkdown-perl libtext-textile-perl libtext-typography-perl libtext-wikicreole-perl libtext-wikiformat-perl libxml-feed-perl libxml-writer-perl
chmod 711 $HOME
sudo a2enmod userdir
sudo a2enmod cgi
sudo cp .config/apache2/sites-available/kontrakurs.localhost.conf /etc/apache2/sites-available/
sudo cp .config/apache2/sites-available/bavbavhaus.localhost.conf /etc/apache2/sites-available/
sudo a2ensite kontrakurs.localhost bavbavhaus.localhost
systemctl restart apache2
```
## {padova,tivoli,genova}
```sh
ssh root@padova
adduser urosm
adduser urosm sudo
exit
ssh-copy-id urosm@padova
ssh urosm@padova
## bootstrap dotfiles
sudo apt update
sudo apt upgrade
sudo apt install git
git init -b main
git remote add origin gitea@git.kompot.si:urosm/dot.git
git pull origin main
## disable annoying .sudo_as_admin_successful file
sudo cp -ri .config/sudoers.d /etc/
## install screen
sudo apt install screen
## install and configure firewall
sudo apt install ufw
sudo ufw allow "SSH" # ssh
sudo ufw allow 1194/udp # vpn
sudo ufw allow "WWW Full" # web
sudo ufw allow "SMTP" # mail
sudo ufw allow "Mail submission" # mail
sudo ufw allow "IMAP" # mail
sudo ufw allow "IMAPS" # mail
sudo ufw enable
## harden ssh
sudo cp -ri .config/ssh /etc/
sudo systemctl restart sshd
## install and configure wireguard
sudo cp -ir .config/sysctl.d /etc/
sudo sysctl -p
sudo apt install wireguard
sudo cp -i .config/wireguard/padova.conf /etc/wireguard/
wg-quick up padova
## install and configure webserver
sudo tasksel install web-server
sudo a2enmod rewrite
sudo a2enmod userdir
sudo a2enmod cgi
chmod 711 "$HOME"
sudo cp -ir .config/apache2/sites-available /etc/apache2/
sudo a2ensite bavbavhaus.net
sudo a2ensite kontrakurs.org
sudo systemctl reload apache2
## install certbot
sudo apt install certbot
sudo apt install python3-certbot-apache
sudo certbot --apache
## install ikiwiki
sudo apt install --install-recommends ikiwiki
sudo apt install libfile-mimeinfo-perl libhighlight-perl libhtml-tree-perl libimage-magick-perl liblocale-gettext-perl libmailtools-perl libnet-amazon-s3-perl libnet-inet6glue-perl libsearch-xapian-perl libsort-naturally-perl libtext-csv-perl libtext-multimarkdown-perl libtext-textile-perl libtext-typography-perl libtext-wikicreole-perl libtext-wikiformat-perl libxml-feed-perl libxml-writer-perl
## enable unattended-upgrades
sudo apt install unattended-upgrades apt-listchanges
sudo dpkg-reconfigure -plow unattended-upgrades
``` ```