LQPP/installation-betriebssystem-hornigold
Inhaltsverzeichnis
Configuration of hornigold.lqfb.piratenpartei.de
RAID
- 2x36,4GB (ID3,ID4), RAID 1+0
- Maximum boot partition disabled
- 2x28,2GB (ID0,ID1), RAID 1+0 plus 1x28,2GB (ID2) as spare
Installation debian
-> Install -> English -> other -> Europe -> Gemarny -> German
-> Primary network interface eth0 -> Hostname: rogers -> Domain Name: lqfb.piratenpartei.de
-> Manual -> cciss/c0d0 -> Create a new partition -> 12GB, primary, beginning, ext3 at /, Bootable flag ON -> create new partition -> REST, primary, beginning, -> use as: physical volume for encryption -> AES/256/cbc-essiv:sha256/Random key/no/off -> cciss/c0d1 -> create new partition -> 20GB, primary, beginning, -> use as: physical volume for encrypti-> cciss/c0d1/c0d1on -> AES,256,cbc-essiv:sha256,passphrase,yes,off -> create new partition -> 5,0GB, primary, beginning, ext3 on /var/log -> configure encrypted volumes -> yes -> yes again -> passphrase c0d1p2 according to security manifest -> Select c0d1p2 -> Ext3, mount_point /var/lib -> Done setting ... -> select c0d0p2, swap -> Done setting -> Finish partitioning and write changes to disk -> YES -> (watch the progress bar or do something else)
-> root passwort according to security manifest -> system user mpd -> mpd passwort
-> Germany -> mirror: ftp.de.debian.org -> no -> no -> deselect standard system -> grub YES -> Continue
Configuration
Update packages
apt-get update apt-get upgrade
LF-Dependencies
apt-get install lighttpd postgresql libpq-dev lua5.1 liblua5.1-0-dev build-essential ghc libghc6-parsec-dev imagemagick tig
vim /etc/apt/sources.list
Add deb http://www.backports.org/debian etch-backports main contrib non-free to
apt-get install etckeeper git-core metastore -t etch-backports
cd /etc
etckeeper init
git add .
etckeeper commit 'Initial commit'
git gc
ssh-install
apt-get install openssh-server
Komfort
aptitude install screen apt-get install bash-completion less
bash-completion einkommentieren
vi /etc/bash.bashrc # enable bash completion in interactive shells if [ -f /etc/bash_completion ]; then . /etc/bash_completion fi apt-get install vim-nox update-alternatives --config editor selection number 4
Nutzer registrieren und ssh-key-login
adduser alx adduser ibo
Keys eintragen
su - alx mkdir .ssh chmod go-rwx .ssh vi .ssh/authorized_keys su - mpd mkdir .ssh chmod go-rwx .ssh vi .ssh/authorized_keys su - ibo mkdir .ssh chmod go-rwx .ssh vi .ssh/authorized_keys exit
sudo installieren
apt-get install sudo visudo Einkommentieren: %sudo ALL=NOPASSWD: ALL vi /etc/group -> sudo:x:27:alx,ibo,mpd
SSH-Config
vi /etc/ssh/sshd_config
Kein direkter root-Login
PermitRootLogin no
Kein Kennwort-basierender Login
PasswordAuthentication no
SSH-Daemon neustarten
/etc/init.d/ssh restart
RAID-Controler
apt-get install arrayprobe wget "http://switch.dl.sourceforge.net/project/cciss/cciss_vol_status/cciss_vol_status-1.06.tar.gz" tar xvfz cciss_vol_status-1.06.tar.gz aptitude install build-essential cd cciss_vol_status-1.06 ./configure make make install cd ..
array-configuration-utility
wget ftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p414707558/v59422/hpacucli-8.50-6.0.noarch.rpm apt-get install alien alien hpacucli-8.50-6.0.noarch.rpm dpkg -i hpacucli_8.50-7_i386.deb
array config
gib mir sparedrives status:
hpacucli controller slot=0 physicaldrive all show
add all unassigned drives as spares
hpacucli controller slot=0 array A add spares=allunassigned
status again:
hpacucli controller slot=0 physicaldrive all show
MTA
apt-get install postfix -> Internet Site -> lqfb.piratenpartei.de vim /etc/postfix/main.cf -> mydomain = lqfb.piratenpartei.de -> myorigin = lqfb.piratenpartei.de -> masquerade_domains = $mydomain -> #relayhost =
system network config
vim /etc/network/interfaces
auto eth1
iface eth1 inet static
address 194.150.168.118
netmask 255.255.255.252
gateway 194.150.168.117
vim/etc/resolv.conf
nameserver 194.150.168.168
