urosm
/
dot
1
0
Fork 0
Code
dot/README.md

4.9 KiB
Raw Permalink Blame History

dot

This repo tracks user and system configuration files, installed packages and used commands for several machines or virtual servers. All are running Debian. The milano section documents our desktop setup based on sway, foot, neovim and fzy.

milano

# urosm@milano
## bootstrap dotfiles
sudo apt install git
git init -b main
git remote add origin gitea@git.kompot.si:urosm/dot.git
git pull origin main
## disable annoying .sudo_as_admin_successful file
sudo cp -ri .config/sudoers.d /etc/
## update to debian testing
sudo cp -ri .config/apt /etc/
sudo apt update
sudo apt full-upgrade
sudo apt install apt-listbugs apt-listchanges
## reconfigure locales
sudo dpkg-reconfigure locales
## install tasksel packages
sudo tasksel install web-server
sudo tasksel install ssh-server
## harden ssh
sudo cp -ri .config/ssh /etc/
systemctl restart sshd
## install and configure firewall
sudo apt install ufw
sudo ufw allow "SSH"
sudo ufw allow 1194/udp
sudo ufw enable
## install utils
sudo apt install network-manager
sudo cp -ir .config/network /etc/
sudo apt install udisks2
sudo apt install jq
sudo apt install fzy
## install neovim
sudo apt install neovim
## install desktop packages
sudo apt install sway
sudo apt install swayidle swaylock
sudo apt install brightnessctl wlsunset
sudo apt install wl-clipboard grim
sudo apt install libnotify-bin mako-notifier
sudo apt install fonts-agave
## install and configure audio packages
sudo apt install pipewire-audio
systemctl --user enable --now wireplumber.service
## install writing packages
sudo apt install make
sudo apt install pandoc
sudo apt install texlive-latex-extra
sudo apt install texlive-lang-european
## install web packages
sudo apt install firefox
sudo apt install thunderbird
## install media packages
sudo apt install mpv
sudo apt install zathura
sudo apt install inkscape
## install office packages
sudo apt install libreoffice libreoffice-gtk3
sudo apt install libreoffice-l10n-sl
## install printing packages
sudo apt install cups printer-driver-all
sudo adduser urosm lpadmin
## install scanning packages
sudo apt install simple-scan
## install pdf processing packages
sudo apt install qpdf ocrmypdf
## install rdp packages
sudo apt install remmina
## install and setup ikiwiki
sudo apt install ikiwiki
sudo apt install libfile-mimeinfo-perl libhighlight-perl libhtml-tree-perl libimage-magick-perl liblocale-gettext-perl libmailtools-perl libnet-amazon-s3-perl libnet-inet6glue-perl libsearch-xapian-perl libsort-naturally-perl libtext-csv-perl libtext-multimarkdown-perl libtext-textile-perl libtext-typography-perl libtext-wikicreole-perl libtext-wikiformat-perl libxml-feed-perl libxml-writer-perl
chmod 711 $HOME
sudo a2enmod userdir
sudo a2enmod cgi
sudo cp .config/apache2/sites-available/kontrakurs.localhost.conf /etc/apache2/sites-available/
sudo cp .config/apache2/sites-available/bavbavhaus.localhost.conf /etc/apache2/sites-available/
sudo a2ensite kontrakurs.localhost bavbavhaus.localhost
systemctl restart apache2

{padova,tivoli,genova}

ssh root@padova
adduser urosm
adduser urosm sudo
exit
ssh-copy-id urosm@padova
ssh urosm@padova
## bootstrap dotfiles
sudo apt update
sudo apt upgrade
sudo apt install git
git init -b main
git remote add origin gitea@git.kompot.si:urosm/dot.git
git pull origin main
## disable annoying .sudo_as_admin_successful file
sudo cp -ri .config/sudoers.d /etc/
## install screen
sudo apt install screen
## install and configure firewall
sudo apt install ufw
sudo ufw allow "SSH" # ssh
sudo ufw allow 1194/udp # vpn
sudo ufw allow "WWW Full" # web
sudo ufw allow "SMTP" # mail
sudo ufw allow "Mail submission" # mail
sudo ufw allow "IMAP" # mail
sudo ufw allow "IMAPS" # mail
sudo ufw enable
## harden ssh
sudo cp -ri .config/ssh /etc/
sudo systemctl restart sshd
## install and configure wireguard
sudo cp -ir .config/sysctl.d /etc/
sudo sysctl -p
sudo apt install wireguard
sudo cp -i .config/wireguard/padova.conf /etc/wireguard/
wg-quick up padova
## install and configure webserver
sudo tasksel install web-server
sudo a2enmod rewrite
sudo a2enmod userdir
sudo a2enmod cgi
chmod 711 "$HOME"
sudo cp -ir .config/apache2/sites-available /etc/apache2/
sudo a2ensite bavbavhaus.net
sudo a2ensite kontrakurs.org
sudo systemctl reload apache2
## install certbot
sudo apt install certbot
sudo apt install python3-certbot-apache
sudo certbot --apache
## install ikiwiki
sudo apt install --install-recommends ikiwiki
sudo apt install libfile-mimeinfo-perl libhighlight-perl libhtml-tree-perl libimage-magick-perl liblocale-gettext-perl libmailtools-perl libnet-amazon-s3-perl libnet-inet6glue-perl libsearch-xapian-perl libsort-naturally-perl libtext-csv-perl libtext-multimarkdown-perl libtext-textile-perl libtext-typography-perl libtext-wikicreole-perl libtext-wikiformat-perl libxml-feed-perl libxml-writer-perl
## enable unattended-upgrades
sudo apt install unattended-upgrades apt-listchanges
sudo dpkg-reconfigure -plow unattended-upgrades