Working notes for setting up new computers

These are my working notes on how to set up new computers, either workstations or servers.

Desktop

Install kubuntu
Install medibuntu
apt-get install emacs eldav gdm nxml-mode cvs git-core curl cabextract sux ia32-libs libdvdread4 libdvdnav4 libdvdcss ttf-msttcorefonts-installer
Set up Firefox
- about:config settings:
```
browser.enable_automatic_image_resizing false
browser.tabs.closeButtons 3
```
- View -> Zoom -> Zoom Text Only
- Addons:
  - Adblock Plus
  - Basics
  - Flashblock
  - It's All Text
  - Xmarks
  - oldbar
  - Tabs Open Relative
  - Web Developer
- apt-get install flashplugin-installer
Make a cvs checkout of Documents

Make links

.bashrc -> Documents/workspace/.bashrc
.cvsrc -> Documents/workspace/.cvsrc
.emacs -> Documents/workspace/.emacs
.grip -> Documents/workspace/.grip
.xinitrc -> Documents/workspace/.xinitrc

desktop keybindings:

 - ctrl-tab
 - alt-f1 for terminal
 - ctrl-1 to ctrl-8 to move windows to desktops
 - altl-1 to ctrl-8 to move to desktop
 - alt-f6 to resize window
 - alt-f5 to move window

In System Settings, customize
- Appearance
- Desktop
- Notifications
- Window Behavior
- Keyboard & Mouse
- Regional & Language:
  - Enable US and switching
  - restore ctrl-alt-backspace
Set aliases machine-wide
ssh server
get the Vista Fonts
deep
Reboot and check dmesg for errors

Webcam

Install ffmpeg

sudo apt-get install ffmpeg libavcodec-unstripped-52 libavutil-unstripped-49 normalize-audio libsox-fmt-mp3

Install gphoto2 2.4.5
install libptp2 from source
- apt-get install libusb-dev pkg-config libgtk2.0-dev libreadline-dev
- download, untar, ./configure, make, make install
install capture from source:
- download
- untar
- make
- make install
install calibri.ttf at /usr/share/fonts/truetype
get webcam scripts
- Admin > Deploy Keys
- git clone git@github.com:jaufrec/webcam.git
- Follow the README
Set up KonaCam2

Old notes

Laptop: Thinkpad X40

Create Debian USB boot disk, as per http://d-i.pascal.at/ (kernel is called linux instead of vmlinuz)
Put USB disk in X40 and turn it on. Press F12 during boot to get a device menu, and select USB.
After startup is complete, go to another shell (alt-F2) and use parted to shrink the windows partition to 5Gb
Install the bare minimum, using debian stable (sarge)
Install GRUB when prompted
Use a razor blade to pry, not scrape, off the Microsoft and Intel advertisements on the keyboard. Try to peel off the glue with the stickers. Use small amounts of soap, water, and friction to remove leftover glue.
Reboot
Modify the Windows partition to prevent its conversion from FAT32 to NTFS, as detailed in http://www.chronox.de/x40_linux/linux_on_x40.html. In addition to convert.exe, I also moved convsomethingorother.
Upgrade from testing to unstable (instructions?)
Install wireless support from http://ipw2200.sourceforge.net/
apt-get install portmap-
apt-get install sudo rsync ntpdate ssh-askpass rdate
apt-get install kde kdm openoffice.org gnucash mozilla-firefox gqview emacs21 eldav mutt flashplugin-nonfree
screw with XF86config (ended up using http://www.chronox.de/x40_linux/XF86Config-4 except with dvorak keymap)
Install Java: http://wiki.osuosl.org/display/DEV/Java+on+Debian
apt-get install acpi acpid i810switch
Install a custom kernel to get ibm acpi module. No longer needed with 2.6.14.
- cd /usr/src tar xjvf kernel(version) ln -s kernel(version) linux cd linux make xconfig make-kpkg --initrd kernel_image dpkg -i ../kernel-image-2.6.12.1_10.00.Custom_i386.deb
  Reboot.
Add clouds to xplanet as detailed in http://www.number.ch/wiki/index.php/XplanetClouds
Set up automatic clock synchronization according to these instructions. (The magic command is rdate -s clock-1.cs.cmu.edu && hwclock --systohc; the instructions show how to get that into a debian equivalent of rc.local.)
TODO: disable system bell: this didn't work.
TODO: get hibernate to work. tried instructions with the 2.6.11 kernel but ran into problems.

Server

Sign up with a dedicated host company. I used NetSonic, which provided a dedicated machine with Debian Sarge (3.1) preinstalled.

Install basic utilities

apt-get install emacs21 ntpdate cvs bzip2 rsync runit sux
echo "/bin/false" >> /etc/shells

set up apt pinning in order to access unstable repository. Notes

Put these conveniences in /etc/joels_aliases


alias df='df -h'
alias duh='du --max-depth=1 -h'
alias grep='grep --color'
alias less='less -X'
alias more='less -X'
alias pf='ps auxf'
alias pg='ps aux | grep'
alias root='sudo sux -'
alias tx='tar xzvf'
alias tj='tar xjvf'
alias l='ls -alrt'
alias lss='ls -alrS'
export EDITOR=emacs
alias grepc='grep ^[^#]'
umask=0002

and put . /etc/joels_aliases in /etc/profile and /etc/bash.bashrc

Set up sudo. Put this in /etc/sudoers (use visudo):
```
%wheel   ALL=(ALL) ALL
```
and put the user account in wheel with: usermod -G wheel joel

Remove unneeded services.

apt-get install bind9- bind9-doc- dhcp-client- ipchains- lpr-  nfs-common- portmap- ppp-

Set up recurring processes: debian updating and ntpdate. Put this in root's crontab:

# m h  dom mon dow   command 
42 4 * * * apt-get update && apt-get -q -d -y -u dist-upgrade

Set up virtual IPs. Add this stanza to /etc/network/interfaces for each new IP:
```
iface eth0:0 inet static
  address 66.180.174.95
  netmask 255.255.255.255
```
CapitalistDemocracy.com. This is two sites; one public site, which has only one page, and one private site which is running Mediawiki. Starting point is these instructions.
1. ```
apt-get install apache2-mpm-prefork libapache2-mod-php4 php4-gd php4-imagick
```
2. Set up name-based virtual hosting based on this.
3. Copy /etc/apache2/sites-available/default to capdemwiki, change * to the IP, add ServerName and ServerAlias, and link from sites-available to sites-enabled.
4. Enable SSL: certificate; link mod-enabled; put stuff in site. COMPLETE but not documented here
UprightConsulting.com. This is an OpenACS site.
1. Install postgres as per these instructions
2. ```
apt-get install aolserver4 aolserver4-nscache aolserver4-nssha1 tcl8.4 tcl8.4-dev tdom imagemagick
```
3. ```
apt-get -t unstable install aolserver4-nspostgres
```
4. Copy nsfts.so from an existing installation. Assume that nsfts.so won't work.
5. Copy over the file tree from /var/www/aolserver/uprightconsulting on old host
6. ```
createdb uprightconsulting
```
  and restore from the sql backup
7. Copy /var/cache/analog files from old machine
aufrecht.org. Same as for UprightConsulting.
Set up qmail
1. Make sure /etc/apt/sources.list includes non-free and contrib
2. ```
apt-get install ucspi-tcp-src qmail-src
```
3. Remove exim. Find all installed exim packages with
```
dpkg -l | grep exim
```
  and remove them with
```
dpkg --force-depends --purge packagename
```
4. Use equivs as documented here to make a dummy package which provides mail-transport-agent, and install it.
5. as root: maildirmake /etc/skel/Maildir
6. Change /etc/init.d/qmail to use Maildir
Set up IMAPS
- apt-get install bincimap bincimap-run
- Copy over the old imaps cert: /etc/ssl/certs/imapd.pem, or generate a new self-signed one
- Copy over the old imap config: /etc/bincimap/bincimap.conf
Migrate users
1. make new users and groups
2. rsync /home. Options for a safe rsync pull that won't delete any local files: -rpogt --ignore-existing --max-delete=0
3. copy over /etc/shadow password hashes
DNS Switch
1. Set up DNS entry on new authority
2. Enable new hostname in /var/qmail/control files
3. change authority at registrar
4. Test with DNS Report
5. Set up entries for openspf
Set up CVS in chroot jail with cvsd package. Use /var/lib/cvs instead of /var/lib/cvsd, and allow PAM auth, so that existing checkouts for shell users still work.
Set up backup with /root/backup.sh and /root/backup-ftp.sh

/etc /home /root /var/lib/cvs /var/qmail/alias /web