debian_common

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
debian_common [2019/03/23 06:48] – [Fetch error during update] Júne Parkdebian_common [2024/03/19 11:30] (current) – [Watchlist for backup] Júne Park
Line 1: Line 1:
 <nav>  <nav> 
-  * {{fa>server?color=#8B0000}} Raspbian+  * {{fa>server?color=#8B0000}} Linux 
 +    * [[:rpi_common|■ General Things on Raspbian]]
     * [[:rpi_autism|Media Ditorium ─ AUTiSM Rainbow]]     * [[:rpi_autism|Media Ditorium ─ AUTiSM Rainbow]]
     * [[:rpi_epigen|Private Cellarium ─ EPiGEN Crystal]]     * [[:rpi_epigen|Private Cellarium ─ EPiGEN Crystal]]
     * [[:rpi_nimbus|Webius Officium ─ NiMBUS deBlanc]]     * [[:rpi_nimbus|Webius Officium ─ NiMBUS deBlanc]]
-    * [[:rpi_common|General Things on Raspbian]]+    * [[:debian_common|■ General info on Debian Linux]] 
 +    * [[:deb_mutism|Opus Imperium ─ MUTiSM Magnum]] 
 +    * [[:deb_gilead|Actu Periculum ─ GiLEAD Argenta]] 
 +    * [[:deb_debris|Finca LaDichium ─ DEBRiS Chrome]] 
 +  * {{fa>windows?color=#0000A0}} Windows 
 +    * [[:pc_common|■ Common Works on Windows]] 
 +    * [[:pc_mesonism|Primus Workstation ─ MESONiSM]] 
 +    * [[:pc_mesonium|Manibus Tablet ─ MESONiUM]] 
 +    * [[:pc_mesonist|Domumus Workstage ─ MESONiST]] 
 +    * [[:pc_mesonity|Praevus Station ─ MESONiTY]] 
 +  * {{fa>android?color=#006400}} Android 
 +    * [[:cell_common|■ Common Stuffs on Androids]] 
 +    * [[:cell_epiaux|Júne's Primus ─ EPiAUX 5X]] 
 +    * [[:cell_epihex|Júne's Extentus ─ EPiHEX 6]] 
 +    * [[:cell_epimer|Júne's Maximus ─ EPiMER 5P]] 
 +    * [[:cell_epinex|Júne's Secondus ─ EPiNEX 5]] 
 +    * [[:cell_epitab|Júne's Laminus - EPiTAB 7]] 
 +    * [[:cell_epixus|Júne's Tertius ─ EPiXUS 4]]
 </nav> </nav>
  
-===== General info on Debian Linux ===== +====== General info on Debian ======
  
 {{:playground:boo_the_bunny_36.png?nolink&250|}} {{:playground:boo_the_bunny_36.png?nolink&250|}}
  
 ---- ----
-==== Initial steps freshly ==== +===== Initial steps ===== 
  
-=== Enable SSH === +==== Watchlist for backup ==== 
  
-Genesis step for all {{fa>linux}} Linux works. +<code bash>  
 +/etc/nginx/sites-available/*  
 +/var/www/
 +/etc/transmission-daemon/   
 +/opt/scripts/  
 +</code> 
 + 
 +**update-motd**  
 +<code bash> 
 +/etc/update-motd.d/ 
 +</code> 
 + 
 +**crontab**  
 +<code bash>  
 +sudo crontab -l  
 +sudo -u www-data crontab -l  
 +crontab -l  
 +</code> 
 + 
 +**MariaDB** ''per DATABASE'' 
 +=== Backup MariaDB DATABASE ===  
 + 
 +<code bash>  
 +/usr/bin/mysqldump --single-transaction -h localhost -u root -p[database_passwd] [database_name] > /..(path)../.backup/[database_name]-sqlbkp_`date +"%Y%m%d"`.bak 
 +</code>  
 + 
 +----  
 + 
 +=== Backup using rsync command ===  
 + 
 +== Backup Nginx configuration files ==  
 +<code bash>  
 +sudo rsync -avh --progress /etc/nginx/sites-available/ /home/meson/.backup/nginx/nginx_config_`date +"%Y%m"`/  
 +</code>  
 + 
 +== Backup HTML source files ==  
 +<code bash>  
 +sudo rsync -avh --progress /var/www/ /home/meson/.backup/html/html_backup_`date +"%Y%m"`/ 
 +</code>  
 + 
 +---- 
 +=== Remote backup for webpages ===  
 +Rsync with ''[TARGET]'' using rsync from ''[SOURCE]''   
 +<code bash>  
 +sudo -u www-data rsync -azP --exclude '.ssh' -e 'ssh -p [port_number]' --rsync-path="sudo rsync" /var/www/ [user]@[TARGET]:"/[TARGET PATH]../../" 
 +</code>  
 +Put ''[SOURCE]'' public key in ''[TARGET]'' user's ''authorized_keys''  
 + 
 +---- 
 +==== Configure log files ====  
 + 
 +Edit ''/etc/nginx/nginx.conf''  
 +<code nginx>  
 +        access_log /var/log/nginx/_access.log; 
 +        error_log /var/log/nginx/_error.log; 
 +</code>  
 + 
 +---- 
 +==== Purge log files ====  
 + 
 +== Cleaning compressed log files ==  
 +<code bash>  
 +sudo find /var/log -name '*.gz' -exec rm {} \; 
 +</code>  
 + 
 +---- 
 + 
 +==== Enable SSH ====  
 + 
 +Genesis step for all {{mdi>debian?2x}} Linux works. 
  
 ---- ----
Line 35: Line 122:
  
 Append ''public keys'' for SSH client.  Append ''public keys'' for SSH client. 
 +
 +---
 +
 +=== SSH Key to ED25519 === 
 +
 +<code bash> 
 +ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com"
 +</code>
 +
 +  * ''-o'': Save the private-key using the new OpenSSH format
 +  * ''-a'': KDF (Key Derivation Function) rounds. Higher numbers result in slower passphrase verification, increasing the resistance to brute-force password cracking should the private-key be stolen.
 +  * ''-C'': An option to specify a comment
 +
 +---
 +
 +==== Enable colorful terminal ==== 
 +
 +Comment out **''force_color_prompt=yes''** in ''~/.bashrc''
 +
 +<code bash>
 +  vi ~/.bashrc 
 +  source ./.bashrc 
 +</code>
 + 
 +=== Time stamp prompt === 
 +
 +Edit ''~/.bashrc'' and change ''PS1'' line 
 +
 +<code bash> 
 +if [ "$color_prompt" = yes ]; then
 +    PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]: \[\033[01;33m\]\D{%T}\[\033[00m\] \[\033[01;37m\]\w\$\[\033[00m\] '
 +else
 +    PS1='${debian_chroot:+($debian_chroot)}\u@\h: \D{%T} \w\$ '
 +fi
 +</code> 
 +
 +Save and load ''.bashrc'' 
 +
 +<code bash> 
 +source ~/.bashrc 
 +</code> 
 +
 +
 +----
 +
 +==== User aliases command ==== 
 +
 +If you don't have ''.bash_aliases'' in your home directory. 
 +<code bash> 
 +touch .bash_aliases    
 +</code> 
 +
 +''Edit'' ''.bash_aliases''. Example: Backup Nginx configuration files with date stamp. 
 +
 +<code bash> 
 +alias backup_nginx='sudo rsync -avh --progress /etc/nginx/ /home/user/storage/Nginx.Config//nginx_config_`date +"%Y%m%d"`/'
 +</code> 
  
 ---- ----
-==== Configure Dynamic DNS ==== +===== Configure Dynamic DNS ===== 
  
 === Google Domains with ddclient ===  === Google Domains with ddclient === 
Line 130: Line 274:
  
 ---- ----
 +=== NO-IP with ddclient === 
 +
 +<code ini>
 +  protocol=dyndns2
 +  server=dynupdate.no-ip.com
 +  login=your_login_id
 +  password=your_password
 +  your_domain.com
 +</code>
 +
 +----
 +
 === Google Domains with API ===  === Google Domains with API === 
  
Line 259: Line 415:
  
 ---- ----
 +
 +===== Disable unused settings =====
  
 ==== Disable suspend mode ====  ==== Disable suspend mode ==== 
Line 294: Line 452:
  
 ---- ----
-==== Debugging service ==== + 
 +==== Disable power wireless off ==== 
  
 <code bash>  <code bash> 
-  sudo service stop sshd   # ssd daemon for example  + sudo iwconfig wlan0 power off 
-  /usr/sbin/sshd -d       # need to specify full path +
 </code>  </code> 
- 
-Find problem from messages in debugging mode.  
  
 ---- ----
  
-==== Delete unnecessary files regularly ====  +==== Disable Bluetooth service ==== 
-''sudo crontab -e'' Add command line to find & delete. e.g.) Delete all ''.nfo'' file in target directory and its sub-directories at 30 minutes past every 6 hours. +
  
-<code bash> +<code bash>  
-  30 */6 * * * /usr/bin/find /..((your path)).../ -name '*.nfo-exec rm -f {} \; +vi /etc/bluetooth/main.conf 
-</code>+</code>  
 + 
 +Edit the line with ''AutoEnable'' with ''false''  
 +<code ini> 
 +AutoEnable = false 
 +</code> 
  
-Delete empty directory at 30 minutes past every 12 hours +A more radical way is to either stop the bluetooth service
  
 <code bash> <code bash>
-  30 */12 * * * /usr/bin/find /..((your path)).../ -type d -empty -delete+sudo systemctl stop bluetooth.service
 </code> </code>
 +
 +Or even more radical is to disable it permanently
 +<code bash> 
 +sudo systemctl disable bluetooth
 +</code> 
  
 ---- ----
  
-==== Delete all files except for desired file types ==== +==== Debugging service ==== 
  
 <code bash>  <code bash> 
- find . -type f ! -name '*.mkv' -delete +  sudo service stop sshd   # ssd daemon for example  
-</code>  +  /usr/sbin/sshd -d       # need to specify full path  
 +</code>  
 + 
 +Find problem from messages in debugging mode. 
  
 ---- ----
-==== Disable power wireless off ==== + 
 +==== Configure locales ==== 
  
 <code bash>  <code bash> 
- sudo iwconfig wlan0 power off + sudo dpkg-reconfigure locales
 </code>  </code> 
 +
 +Deselect unused ''locales'' and save them.
  
 ---- ----
-==== User defined command alias ====  
  
-If you don't have ''.bash_aliases'' in your home directory+ 
 +===== Upgrade & Maintenance ===== 
 + 
 +==== Major LTS upgrade ====  
 + 
 +Upgrade from 18.04 LTS to 20.04 LTS (''Focal Fossa'')  
 + 
 +Official Guide on upgrade [[https://meson.in/2ALsTwg|How to upgrade from Ubuntu 18.04 LTS to 20.04 LTS today]] <sub>  --- Updated on //2020/07/11 03:40// </sub>  
 + 
 +=== Upgrade on the command line ===  
 + 
 +Update all repository for packages, which already installed on the system 
 <code bash>  <code bash> 
-touch .bash_aliases    + sudo apt update && sudo apt dist-upgrade -y && sudo apt autoremove 
 </code>  </code> 
  
-''Edit'' ''.bash_aliases''. Example: Backup Nginx configuration files with date stamp. +Upgrade with major LTS with 
  
 <code bash>  <code bash> 
-alias backup_nginx='sudo rsync -avh --progress /etc/nginx/ /home/user/storage/Nginx.Config//nginx_config_`date +"%Y%m%d"`/'+ sudo do-release-upgrade -d 
 </code>  </code> 
 +
 +Follow the procedures and finish.  
 +
 +<code text> 
 +Some third party entries in your sources.list were disabled. You can 
 +re-enable them after the upgrade with the 'software-properties' tool 
 +or your package manager. 
 +</code>
  
 ---- ----
 +
 ==== Fetch error during update ====  ==== Fetch error during update ==== 
  
Line 363: Line 554:
  
 ----  ---- 
 +==== Upgrade php 7.x ==== 
  
 +Append additional source for php7.x latest,
 +<code bash> 
 +sudo apt install software-properties-common
 +sudo add-apt-repository ppa:ondrej/php
 +</code> 
 +
 +<code bash> 
 +wget -q https://packages.sury.org/php/apt.gpg -O- | sudo apt-key add -
 +echo "deb https://packages.sury.org/php/ `lsb_release -cs` main" | sudo tee /etc/apt/sources.list.d/php.list
 +</code>
 +
 +Append ''Nginx mainline'' packages 
 +
 +<code bash> 
 +sudo add-apt-repository ppa:ondrej/nginx-mainline
 +</code> 
 +
 +Update source lists
 +
 +<code bash> 
 +sudo apt-get update
 +</code> 
 +
 +<code text> 
 +Reading package lists... Done
 +E: The method driver /usr/lib/apt/methods/https could not be found.
 +N: Is the package apt-transport-https installed?
 +E: Failed to fetch https://packages.sury.org/php/dists/stretch/InRelease
 +E: Some index files failed to download. They have been ignored, or old ones used instead.
 +</code> 
 +
 +When it comes to this errors, install additional packages for update, 
 +
 +<code bash> 
 +sudo apt-get install ca-certificates apt-transport-https
 +</code> 
 +
 +Install php with latest version 
 +
 +<code bash> 
 +sudo apt-get install php7.2 php7.2-cli php7.2-common php7.2-opcache php7.2-curl php7.2-mbstring php7.2-mysql php7.2-zip php7.2-xml
 +</code> 
 +
 +To verify the installation is completed run the following command:
 +
 +<code bash> 
 +php -v
 +</code> 
 + 
 +
 +----
 +==== Install & upgrade Nginx ==== 
 +
 +Install the prerequisites:
 +
 +<code bash>
 +sudo apt install curl gnupg2 ca-certificates lsb-release
 +</code> 
 +
 +To set up the apt repository for stable nginx packages, run the following command:
 +<code bash> 
 +echo "deb http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" \
 +    | sudo tee /etc/apt/sources.list.d/nginx.list
 +</code> 
 +
 +If you would like to use mainline nginx packages, run the following command instead:
 +
 +<code bash> 
 +echo "deb http://nginx.org/packages/mainline/ubuntu `lsb_release -cs` nginx" \
 +    | sudo tee /etc/apt/sources.list.d/nginx.list
 +</code> 
 +
 +Next, import an official nginx signing key so apt could verify the packages authenticity:
 +
 +<code bash> 
 +curl -fsSL https://nginx.org/keys/nginx_signing.key | sudo apt-key add -
 +</code> 
 +
 +Verify that you now have the proper key:
 +
 +<code bash> 
 +sudo apt-key fingerprint ABF5BD827BD9BF62
 +</code>
 +
 +The output should contain the full fingerprint ''573B FD6B 3D8F BC64 1079 A6AB ABF5 BD82 7BD9 BF62'' as follows:
 +
 +<code txt> 
 +pub   rsa2048 2011-08-19 [SC] [expires: 2024-06-14]
 +      573B FD6B 3D8F BC64 1079  A6AB ABF5 BD82 7BD9 BF62
 +uid   [ unknown] nginx signing key <signing-key@nginx.com>
 +</code> 
 +
 +To install nginx, run the following commands:
 +
 +<code bash> 
 +sudo apt update
 +sudo apt install nginx
 +</code> 
 +
 +----
 +
 +==== Upgrade mariadb ==== 
 +
 +<button type="link" icon="mdi mdi-database-plus">[[https://downloads.mariadb.org/mariadb/repositories|Setting up MariaDB Repositories]]</button>
 +
 +Select ''Disto'', ''Release'' and ''Version'' and follow the instruction 
 +
 +<code bash> 
 +sudo apt-get install software-properties-common
 +sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
 +sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] https://ftp.harukasan.org/mariadb/repo/10.5/ubuntu focal main'
 +</code>
 +
 +Once the key is imported and the repository added you can install MariaDB 10.5 from the MariaDB repository with:
 +
 +<code bash>
 +sudo apt update
 +sudo apt install mariadb-server
 +</code>
 +
 +Check service is working correctly and installed version. 
 +
 +<code bash> 
 +sudo mysql -uroot -p
 +</code> 
 +
 +Alternatively, edit ''/etc/apt/sources.list'' or add repository with command line. 
 +
 +<code>
 +# MariaDB 10.5 repository list - created 2020-08-31 04:34 UTC
 +# http://downloads.mariadb.org/mariadb/repositories/
 +deb [arch=amd64] https://ftp.harukasan.org/mariadb/repo/10.5/ubuntu focal main
 +deb-src https://ftp.harukasan.org/mariadb/repo/10.5/ubuntu focal main
 +</code>
 +
 +If you need debug packages, add the debug component to your sources.list with:
 +
 +<code bash>
 +sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] https://ftp.harukasan.org/mariadb/repo/10.5/ubuntu focal main/debug'
 +</code> 
 +
 +MariaDB debug packages will now show up when searching for 'mariadb' with apt and are distinguished by the `-dbgsym` suffix. Debug packages are generally only needed during development and usually should not be installed unless you know that you need them.
 +
 +----
 ==== Basic commands 101 ====  ==== Basic commands 101 ==== 
  
-{{fa>terminal?color=#AABBCC}} [[https://devhints.io/|Rico's cheatsheets]] -- First glimpse on {{fa>linux?color=#a80030}} **Linux commands**+{{fa>terminal?size=24&color=#AABBCC}} [[https://devhints.io/|Rico's cheatsheets]] -- first glimpse on {{fa>linux?color=#a80030}} **Linux commands** 
  
 === rm ===  === rm === 
Line 400: Line 737:
  
 ---- ----
 +
 +=== find string(s) in files ===
 +
 +<code bash> 
 +find /path/to/files/ -type f | xargs grep -n 'string_to_search'
 +</code> 
 +
 +----
 +
 +=== [output to file] === 
 +
 +|  |  visible in terminal  | |  visible in file  |  |   
 +|  syntax  |  ''stdout''  |  ''stderr''  |  ''stdout''  |  ''stderr''  |  existing file  |
 +| | | | | | | 
 +|  ''>''  |  no  |  yes  |  yes  |  no  |  overwrite 
 +|  ''>>''  |  no  |  yes  |  yes  |  no  |  append 
 +|  ''2>''  |  yes  |  no  |  no  |  yes  |  overwrite  |
 +|  ''2>>''  |  yes  |  no  |  no  |  yes  |  append  |
 +|  ''&>''  |  no  |  no  |  yes  |  yes  |  overwrite  |
 +|  ''&>>''  |  no  |  no  |  yes  |  yes  |  append  |
 +|  ''| tee''  |  yes  |  yes  |  yes  |  no  |  overwrite  |
 +|  ''| tee -a''  |  yes  |  yes  |  yes  |  no  |  append  |
 +|  ''|& tee''  |  yes  |  yes  |  yes  |  yes  |  overwrite  |
 +|  ''|& tee -a''  |  yes  |  yes  |  yes  |  yes  |  append  |
 +| | | | | | | 
 +
 +<code bash>
 +command > output.txt   
 +</code> 
 +The standard output stream will be redirected to the file only, it will not be visible in the terminal. If the file already exists, it gets overwritten.
 +
 +<code bash>
 +command >> output.txt
 +</code> 
 +The standard output stream will be redirected to the file only, it will not be visible in the terminal. If the file already exists, the new data will get appended to the end of the file.
 +
 +<code bash>
 +command 2> output.txt
 +</code> 
 +The standard error stream will be redirected to the file only, it will not be visible in the terminal. If the file already exists, it gets overwritten.
 +
 +<code bash>
 +command 2>> output.txt
 +</code> 
 +The standard error stream will be redirected to the file only, it will not be visible in the terminal. If the file already exists, the new data will get appended to the end of the file.
 +
 +<code bash>
 +command &> output.txt
 +</code> 
 +Both the standard output and standard error stream will be redirected to the file only, nothing will be visible in the terminal. If the file already exists, it gets overwritten.
 +
 +<code bash>
 +command &>> output.txt
 +</code> 
 +Both the standard output and standard error stream will be redirected to the file only, nothing will be visible in the terminal. If the file already exists, the new data will get appended to the end of the file..
 +
 +<code bash>
 +command | tee output.txt
 +</code> 
 +The standard output stream will be copied to the file, it will still be visible in the terminal. If the file already exists, it gets overwritten.
 +
 +<code bash>
 +command | tee -a output.txt
 +</code> 
 +The standard output stream will be copied to the file, it will still be visible in the terminal. If the file already exists, the new data will get appended to the end of the file.
 +
 +<code bash>
 +(*)
 +</code> 
 +Bash has no shorthand syntax that allows piping only StdErr to a second command, which would be needed here in combination with tee again to complete the table. If you really need something like that, please look at "How to pipe stderr, and not stdout?" on Stack Overflow for some ways how this can be done e.g. by swapping streams or using process substitution.
 +
 +<code bash>
 +command |& tee output.txt
 +</code> 
 +Both the standard output and standard error streams will be copied to the file while still being visible in the terminal. If the file already exists, it gets overwritten.
 +
 +<code bash>
 +command |& tee -a output.txt
 +</code> 
 +Both the standard output and standard error streams will be copied to the file while still being visible in the terminal. If the file already exists, the new data will get appended to the end of the file.
 +
 +----
 +
 +
  • debian_common.1553323727
  • Last modified: 2019/03/23 06:48
  • by Júne Park