===== INSTALLIMINE =====
==== Links ====
* How to install Ubuntu + Windwos: https://www.mikekasberg.com/blog/2020/04/08/dual-boot-ubuntu-and-windows-with-encryption.html
* How to fix non-booting crypto linux: https://feeding.cloud.geek.nz/posts/recovering-from-unbootable-ubuntu-encrypted-lvm-root-partition/
* https://unix.stackexchange.com/questions/107810/why-my-encrypted-lvm-volume-luks-device-wont-mount-at-boot-time
==== crypto / LUKS / encryption ====
rene@r18:~$ sudo lsblk -o name,uuid,mountpoint
NAME UUID MOUNTPOINT
nvme0n1
├─nvme0n1p1 CE82-7471 /boot/efi
├─nvme0n1p2
├─nvme0n1p3
├─nvme0n1p4 D4B8853CB8851E5C
├─nvme0n1p5 ca8cade1-d6e0-4845-b7c3-9952a591c9d6 /boot
└─nvme0n1p6 770660ba-c8e6-43cd-bf45-9310baca752e
└─nvme0n1p6_crypt HOgSIE-cERu-Hp0t-0I6r-S7e5-szdO-CE5oTR
├─ubuntu--vg-swap_1 8b7793d4-557e-4a14-b4a1-916e60e99fd0 [SWAP]
└─ubuntu--vg-root aee60042-69c3-4c16-af0a-d84e7ca09078 /
NB! UUID and name are taken from the output above, but they are not on the same line! There are no typos here!!!
rene@r18:~$ cat /etc/crypttab
nvme0n1p6_crypt UUID=770660ba-c8e6-43cd-bf45-9310baca752e none luks
rene@r18:~$ cat /etc/fstab
UUID=aee60042-69c3-4c16-af0a-d84e7ca09078 / ext4 errors=remount-ro 0 1
# /boot was on /dev/nvme0n1p5 during installation
UUID=ca8cade1-d6e0-4845-b7c3-9952a591c9d6 /boot ext4 defaults 0 2
# /boot/efi was on /dev/nvme0n1p1 during installation
UUID=CE82-7471 /boot/efi vfat umask=0077 0 1
UUID=8b7793d4-557e-4a14-b4a1-916e60e99fd0 none swap sw 0 0
Use this guide:
https://feeding.cloud.geek.nz/posts/recovering-from-unbootable-ubuntu-encrypted-lvm-root-partition/
but before the last step also mount sysfs (otherwise you'll get an error):
mount -t sysfs sysfs /mnt/sys
==== Wifi ====
[[fs_e8020|FujitsuSiemens E8020]]
==== Sound ====
Kui sound korralikult ei tööta, siis on mõteksas installida uus ** [[install#kernel|kernel]]**
//Mingi veebist leitud õpetus, pärast mida ubuntu enam ei buudi :) -> [[sound_fs_e8020|FujitsuSiemens E8020]]//
==== Kernel ====
1. Lae [[http://www.kernel.org|siit]] alla uus kernel (''full source'' ehk link [[http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.15.1.tar.bz2|F]]). Soovitavalt kõige uuem (''The latest stable version of the Linux kernel is:'').
2. Paki see lahti:
bunzip2 linux-2.6.15.1.tar.bz2
tar -xf linux-2.6.15.1.tar
3. Pane paika conf:
See on ka kõige keerulisem osa. Minu kerneli konf on näiteks selline: {{config.txt|.config}}
cd linux-2.6.15.1/
sudo vi .config
4. Installi Ncurese pakk:
sudo apt-get install libncurses5-dev
5. Kompileeri kernel (**Võtab päris kaua aega - isegi kuni 1 tund**):
make
6. Installi kernel (läheb kiiresti):
make install
make modules_install
7. Uuenda Grub:
sudo update-grub
8. Restardi masin:
sudo reboot
==== Firefox ====
sudo apt-get install firefox
* Web Developer Toolbar
* https://addons.mozilla.org/extensions/moreinfo.php?id=60
* restart Firefox
* [[https://addons.mozilla.org/en-US/firefox/addon/1843|FireBug]]
* [[https://addons.mozilla.org/en-US/firefox/addon/3829|Live HTTP Headers]]
* [[https://wiki.ubuntu.com/FirefoxNewVersion|Upgrade]]
* [[https://addons.mozilla.org/en-US/firefox/addon/2131|Remember Mismatched Domains]]
==== Thunderbird ====
sudo apt-get install mozilla-thunderbird
==== Automatix (multimedia) ====
MPlayer + muu kola (näiteks: Multimedia codecs|Firefox Plugins|MS TTF Fonts|Archives|Acrobat Reader|Gnomebaker|gftp|Ripper and Tuner|File Sharing|Multimedia Editing|DVD Ripper|Mplayer with plugin|Media Players|Debian Menu|Avidemux|AUD-DVD codecs|Firefox 1.5)
sudo apt-get install zenity
wget http://beerorkid.com/automatix/automatix-ubuntu_4.4-2_i386.deb
sudo dpkg -i automatix-ubuntu_4.4-2_i386.deb
sudo /usr/local/automatix/autoscript
* valid listist soovitud asjad
==== SSH ====
sudo apt-get install openssh-server
==== Alien ====
Redhat-i pakid Debiani omadeks (rpm->deb)
sudo apt-get install alien
==== mc ====
Failihaldur (Midland Commander)
sudo apt-get install mc
==== Apache ====
Installime apache:
sudo apt-get install apache
Määrame uue juurkataloogi (sealt otsib apache serveeritavaid faile):
sudo vi /etc/apache/httpd.conf
DocumentRoot /home/rene/www
Kui tahad kataloogis vaikimisi näha sealsete failide listingut, siis tee eelnevas failis sellised muudatused:
# First, we configure the "default" to be a very restrictive set of
# permissions.
#
Options Indexes FollowSymlinks
AllowOverride AuthConfig
Teeme apachele restardi:
sudo /etc/init.d/apache restart
Kontrollimiseks trüki brauserisse http://localhost/, kui avaneb eelnevalt määratud kataloogi sisu, siis apache töötab.
==== PHP ====
Installi PHP4:
sudo apt-get install php4
sudo apt-get install libapache-mod-php4
Ava apache konfifail:
sudo vi /etc/apache/httpd.conf
Otsi üles need 2 rida ja komenteeri nad sisse (võta # märk eest ära):
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
Kui tahad, et vaikimisi näidataks php erroreid brauseris, siis ava ''php.ini'' fail
whereis php.ini
sudo vi /usr/local/lib/php.ini
ja määra
error_reporting = E_ALL
display_errors = On
Tee apachele restart:
sudo /etc/init.d/apache restart
==== PEAR ====
Installime PEARi:
sudo apt-get install php4-pear
PEARi pakettide installimine:
sudo pear install XML_RPC
==== Postgres ====
Installime Postgresi:
sudo apt-get install postgresql-8.0 postgresql-client-8.0
Installime PgAdmin'i:
sudo apt-get install pgadmin3 pgadmin3-data
Installime PHP-le Postgresi toe:
sudo apt-get install php4-pgsql
Paneme Postgrsi pordi peale kuulama (komenteeri sisse järgmised read):
sudo vi /etc/postgresql/8.0/main/postgresql.conf
tcpip_socket = true
max_connections = 100
password_encryption = true
port = 5432
sudo vi /etc/postgresql/8.0/main/pg_hba.conf
# The following configuration is the upstream default, which allows
# unrestricted access to amy database by any user on the local machine.
#
# TYPE DATABASE USER IP-ADDRESS IP-MASK METHOD
#
local all all trust
# IPv4-style local connections:
host all all 127.0.0.1 255.255.255.255 trust
Teeme Postgresile ja apachele restardi:
sudo /etc/init.d/postgresql-8.0 restart
sudo /etc/init.d/apache restart
Loome andmebaasi kasutaja:
sudo su postgres -c createuser rene
Loome andmebaasi:
sudo su postgres -c createdb test
Logime baasis sisse:
psql test
Määrame kasutajale passwordi (käivitada Postgresis!):
ALTER USER rene WITH PASSWORD 'tainas';
==== USB mälupulk ====
mkdir /mnt/usb
vi /etc/fstab
/dev/sda1 /mnt/usb auto umask=0,user,sync,codepage=850,noauto,exec,users 0 0
mount /mnt/usb
==== jMeter ====
* Download latest version (not source): http://jmeter.apache.org/download_jmeter.cgi
* Unpack it (for example under /usr/bin/apache-jmeter-4.0/)
* Add an alias for execution: jmeter='/usr/bin/apache-jmeter-4.0/bin/jmeter'
==== SQL Developer ====
Tõmbame alla ja installime vajalikud Java pakid:
wget http://archive.ubuntu.com/ubuntu/pool/multiverse/s/sun-java5/sun-java5-jdk_1.5.0-06-1_i386.deb
wget http://archive.ubuntu.com/ubuntu/pool/multiverse/s/sun-java5/sun-java5-jre_1.5.0-06-1_all.deb
wget http://archive.ubuntu.com/ubuntu/pool/multiverse/s/sun-java5/sun-java5-demo_1.5.0-06-1_i386.deb
wget http://archive.ubuntu.com/ubuntu/pool/multiverse/s/sun-java5/sun-java5-bin_1.5.0-06-1_i386.deb
dpkg -i sun-java5-jdk_1.5.0-06-1_i386.deb
dpkg -i sun-java5-jre_1.5.0-06-1_all.deb
dpkg -i sun-java5-demo_1.5.0-06-1_i386.deb
dpkg -i sun-java5-jre_1.5.0-06-1_all.deb
dpkg -i sun-java5-bin_1.5.0-06-1_i386.deb
apt-get install unixodbc
apt-get install odbcinst1
apt-get -f install
Tõmba Sun-i kodukalt alla SQL Developeri installikas, ja siis tee:
unzip sqldeveloper-1557-no-jre.zip
cd sqldeveloper
chmod 777 sqldeveloper
./sqldeveloper
vi /home/rene/.sqldeveloper <---- /usr/lib/jvm/java-1.5.0-sun
sudo ln -s /usr/lib/sqldeveloper/jdev/bin/sqldeveloper /usr/bin/sqldeveloper
sudo chmod 555 /usr/lib/sqldeveloper/jdev/bin/sqldeveloper
sqldeveloper
=== connectiomine ===
Kõigepealt tuleb ''tnsnames.ora'' failis parameetrid paika panna:
vi /usr/lib/oracle/tnsnames.ora
DEVEL =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = 10.10.10.48)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = devel.estpak.ee)
)
)
TIPDB=
(DESCRIPTION=
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(Host = crux.cc.elion.ee)(PORT=1521))
)
(CONNECT_DATA=(SID=tipdb))
)
===== KONFIMINE =====
==== letsencrypt / HTTPS ====
* https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-20-04
* https://certbot.eff.org/docs/using.html#certbot-commands
== Adding HTTPS to a new subomain ==
First make a copy of current files so that you can view diff afterwards:
cp /etc/apache2/sites-enabled/rene-le-ssl.conf /etc/apache2/sites-enabled/rene-le-ssl.conf_orig
cp /etc/apache2/sites-enabled/rene.conf /etc/apache2/sites-enabled/rene.conf_orig
Look at a sample conf for example for "bikes.rene.ee"
Make sure that in your apache conf (/etc/apache2/sites-enabled/rene.conf) ServerName and ServerAlias are correct! ServerName=base domain; ServerAlias=actual subdomain
Run the following command and select the virtual hosts you want to upgrade to HTTPS
You can there select only the new ones you want to add
certbot --apache
# NB! For some odd reason this process tends to mess up bernard.ee conf (/etc/apache2/sites-enabled/rene-le-ssl.conf)! Probleemid:
- The main ServerAlias is changed to the new domain and also certificate files point wrongly. The wrong certificate locations should have been added to the new conf section, but they are missing from there Restore right values manually based on the diff with originla conf files.
- Make sure the new conf starts with "" and not with ""
- Make sure the new conf section has "SSLCertificateFile" and "SSLCertificateKeyFile". Keep in mind that the cert file locations are custom to that particular subdomain and not generic to the base domain!!!
# it does also add some rewrite rules into your own base conf (/etc/apache2/sites-enabled/rene.conf), but these seem to be just fine.
== Renewal (new) ==
Open up port 80 in Apache conf:
vi /etc/apache2/ports.conf
Generate new certs (select option "3" and give correct base dir): /media/ssd/www/bernard.ee/):
certbot certonly --force-renewal -d bernard.ee
Check what was the new folder name created for new certs:
l /etc/letsencrypt/live/
Change cert folder in Apache conf (SSLCertificateFile / SSLCertificateKeyFile):
apache_conf
Restart apache:
apache_restart
If new cert works then remove old certs directory:
rm -rf /etc/letsencrypt/live/bernard.ee-0002
# Updating rene.ee....
NB! Ilmselt tuleb DNS'i verificationit kasutada, sest wildcard serti ei saa HTTP'ga uuendada.... vist.... Seega all olev päris ei tööta...
Disable index preview (as we need to make rene.ee publicly accessible for renewal)
/etc/apache2/sites-available/rene-le-ssl.conf
apatche_restart
Removce htaccess to make rene.ee publicly accessible:
mv /media/ssd/www/rene.ee/.htaccess /media/ssd/www/rene.ee/xhtaccess
Rund the command (NB! Mind that it's wildcard!) (/media/ssd/www/rene.ee):
certbot certonly --force-renewal -d *.rene.ee
Enable index htaccess
mv /media/ssd/www/rene.ee/xhtaccess /media/ssd/www/rene.ee/.htaccess
Enable index showing
/etc/apache2/sites-available/rene-le-ssl.conf
apatche_restart
Clean up afterwards from here (not needed for web server):
/etc/letsencrypt/renewal
Close port 80:
vi /etc/apache2/ports.conf
== Renewal (original) ==
Certificates expire in 90 days. Renewal can only be automatic if port 80 is open... Which by default is not...
You can check that the daemon is working:
systemctl status certbot.timer
Renewal can be forced with the following command
PS. Seems that this doesn't change any configurations just the certs. So it's harmless.
certbot renew --force-renewal
==== nVidia draiveri fix ====
wget http://us.download.nvidia.com/XFree86/Linux-x86/96.43.20/NVIDIA-Linux-x86-96.43.20-pkg1.run -O nvidiadriver.run
sudo chmod u+x nvidiadrive.run
sudo apt-get install linux-headers-$(uname -r) build-essential
sudo /etc/init.d/kdm stop
sudo rmmod nvidia
sudo rm -r -f /lib/modules/$(uname -r)/kernel/drivers/video/nvidia
sudo ./nvidiadriver.run
sudo /etc/init.d/kdm start
==== Grub ====
sudo vi /boot/grub/menu.lst
==== DNS ====
* Asuvad siin, kuid kirjutatakse connectimisel üle: sudo vi /etc/resolv.conf
* Saab staatiliselt määrata:
sudo vi /etc/dhcp3/dhclient.conf
Lisada see rida:
prepend domain-name-servers 194.126.101.34, 194.126.115.18;
==== IP ====
=== DHCP ===
* Cable (eth0): sudo dhclient eth0
* wifi (eth1): sudo dhclient eth1
=== Manual ===
==== Klaviatuuri Eesti layout ====
* System Settings -> Regional & Accessibility -> Keyboard Layout
* Active Layouts = Estonia
* Keyboard model = Generic 105-key
==== SSH ====
=== Login ilma passita ===
* source: ssh-keygen -t rsa -b 2048 (empty passphrase!)
* source: vi .ssh/id_rsa.pub (copy)
* destin: vi .ssh/authorized_keys (paste)
* kui ei toimi, siis vaja teha destin: chmod u+x .ssh
=== Login with short name ===
* sudo vi /etc/hosts
* 194.126.124.43 jesse
* ssh jesse
==== vi ====
apt-get install vim-full
http://wiki.rene.ee/doku.php?id=unix#vim
==== .bashrc/.bash_profile ====
vi ~/.bashrc
alias ll='ls --color=auto -l'
alias l='ls --color=auto -la'
alias vi="vim"
alias ..='cd ..'
alias cvsd="cvs diff -rHEAD"
==== MPlayer ====
Kui MPlayer ei taha hästi töötada (katkub), siis lisa selle confi:
sudo vi ~/.mplayer/config
... selline rida:
srate=48000
===== SEADISTAMINE =====
==== KDE ====
=== Välimus ===
System Settings -> Desktop
=== Taskbar ===
* Lisada: Show Desktop, Firefox
* Eemaldada: Konqueror, Wallet
* 6 desktopi
=== Helid ===
* System Settings -> Sound & Multimedia -> System Notifications -> Event source (kõik boxi valikud läbi käia!)
* System bell -> Disable
==== Firefox ====
* Edit -> Preferences
* Bookmarks
==== Konsole ====
* font = Monospace
* font-size = 11
* Schema = Green on Black