These are my working notes on how to set up new computers, either workstations or servers.

Laptop: Thinkpad X40

1. Create Debian USB boot disk, as per http://d-i.pascal.at/ (kernel is called linux instead of vmlinuz)
2. Put USB disk in X40 and turn it on. Press F12 during boot to get a device menu, and select USB.
3. After startup is complete, go to another shell (alt-F2) and use parted to shrink the windows partition to 5Gb
4. Install the bare minimum, using debian stable (sarge)
5. Install GRUB when prompted
6. Use a razor blade to pry, not scrape, off the Microsoft and Intel advertisements on the keyboard. Try to peel off the glue with the stickers. Use small amounts of soap, water, and friction to remove leftover glue.
7. Reboot
8. Modify the Windows partition to prevent its conversion from FAT32 to NTFS, as detailed in http://www.chronox.de/x40_linux/linux_on_x40.html. In addition to convert.exe, I also moved convsomethingorother.
9. Upgrade from testing to unstable (instructions?)
10. Install wireless support from http://ipw2200.sourceforge.net/
11. apt-get install portmap-
12. apt-get install sudo rsync ntpdate ssh-askpass rdate
13. apt-get install kde kdm openoffice.org gnucash mozilla-firefox gqview emacs21 eldav mutt flashplugin-nonfree
14. screw with XF86config (ended up using http://www.chronox.de/x40_linux/XF86Config-4 except with dvorak keymap)
15. Install Java: http://wiki.osuosl.org/display/DEV/Java+on+Debian
16. apt-get install acpi acpid i810switch
17. Install a custom kernel to get ibm acpi module. No longer needed with 2.6.14.
    • apt-get install kernel-package qt-dev-tools sux
    • Edit /boot/grub/menu.lst and add acpi_sleep=s3_bios to the kopt section so that it is added to all auto-generated stanzas. (How to make ACPI work).
    • apt-get install kernel-source-2.6.12 (had to download from kernel.org and untar instead of using debian)

    • cd /usr/src
      tar xjvf kernel(version)
      ln -s kernel(version) linux
      cd linux
      make xconfig
      make-kpkg --initrd kernel_image
      dpkg -i ../kernel-image-2.6.12.1_10.00.Custom_i386.deb

      Reboot.
18. Add clouds to xplanet as detailed in http://www.number.ch/wiki/index.php/XplanetClouds
19. Set up automatic clock synchronization according to these instructions. (The magic command is rdate -s clock-1.cs.cmu.edu && hwclock --systohc; the instructions show how to get that into a debian equivalent of rc.local.)
20. TODO: disable system bell: this didn't work.
21. TODO: get hibernate to work. tried instructions with the 2.6.11 kernel but ran into problems.

Server

1. Sign up with a dedicated host company. I used NetSonic, which provided a dedicated machine with Debian Sarge (3.1) preinstalled.
2. Install basic utilities

   apt-get install emacs21 ntpdate cvs bzip2 rsync runit
   echo "/bin/false" >> /etc/shells

3. set up apt pinning in order to access unstable repository. Notes
4. Put these conveniences in /etc/profile:

   shopt -s checkwinsize
   
   alias df='df -h'
   alias duh='du --max-depth=1 -h'
   alias grep='grep --color'
   alias less='less -X'
   alias more='less -X'
   alias pf='ps auxf'
   alias pg='ps aux | grep'
   alias root='sudo sux -'
   alias tx='tar xvzf'
   alias tj='tar jvzf'
   alias l='ls -al'
   alias lt='ls -alrt'
   export EDITOR=emacs
   

5. Set up sudo.

   apt-get install sudo sux

   Put this in /etc/sudoers (use visudo):

   %wheel   ALL=(ALL) ALL

   and put the user account in wheel with: usermod -G wheel joel
6. Remove unneeded services.

   apt-get install bind9- bind9-doc- dhcp-client- ipchains- lpr-  nfs-common- portmap- ppp-

7. Set up recurring processes: debian updating and ntpdate. Put this in root's crontab:

   # m h  dom mon dow   command 
   42 4 * * * apt-get update && apt-get -q -d -y -u dist-upgrade

8. Set up virtual IPs. Add this stanza to /etc/network/interfaces for each new IP:

   iface eth0:0 inet static
     address 66.180.174.95
     netmask 255.255.255.255
   

9. CapitalistDemocracy.com. This is two sites; one public site, which has only one page, and one private site which is running Mediawiki. Starting point is these instructions.

   1. apt-get install apache2-mpm-prefork libapache2-mod-php4 php4-gd php4-imagick

   2. Set up name-based virtual hosting based on this.
   3. Copy /etc/apache2/sites-available/default to capdemwiki, change * to the IP, add ServerName and ServerAlias, and link from sites-available to sites-enabled.
   4. Enable SSL: certificate; link mod-enabled; put stuff in site. COMPLETE but not documented here
10. UprightConsulting.com. This is an OpenACS site.
    1. Install postgres as per these instructions

    2. apt-get install aolserver4 aolserver4-nscache aolserver4-nssha1 tcl8.4 tcl8.4-dev tdom imagemagick

    3. apt-get -t unstable install aolserver4-nspostgres

    4. Copy nsfts.so from an existing installation. Assume that nsfts.so won't work.
    5. Copy over the file tree from /var/www/aolserver/uprightconsulting on old host

    6. createdb uprightconsulting

       and restore from the sql backup
    7. Copy /var/cache/analog files from old machine
11. aufrecht.org. Same as for UprightConsulting.
12. Set up qmail
    1. Make sure /etc/apt/sources.list includes non-free and contrib

    2. apt-get install ucspi-tcp-src qmail-src

    3. Remove exim. Find all installed exim packages with

       dpkg -l | grep exim

       and remove them with

       dpkg --force-depends --purge packagename

    4. Use equivs as documented here to make a dummy package which provides mail-transport-agent, and install it.
    5. as root: maildirmake /etc/skel/Maildir
    6. Change /etc/init.d/qmail to use Maildir
13. Set up IMAPS
    • apt-get install bincimap bincimap-run
    • Copy over the old imaps cert: /etc/ssl/certs/imapd.pem, or generate a new self-signed one
    • Copy over the old imap config: /etc/bincimap/bincimap.conf
14. Migrate users
    1. make new users and groups
    2. rsync /home. Options for a safe rsync pull that won't delete any local files: -rpogt --ignore-existing --max-delete=0
    3. copy over /etc/shadow password hashes
15. DNS Switch
    1. Set up DNS entry on new authority
    2. Enable new hostname in /var/qmail/control files
    3. change authority at registrar
    4. Test with DNS Report
    5. Set up entries for openspf
16. Set up CVS in chroot jail with cvsd package. Use /var/lib/cvs instead of /var/lib/cvsd, and allow PAM auth, so that existing checkouts for shell users still work.
17. Set up backup with /root/backup.sh and /root/backup-ftp.sh
Directories to back up:

/etc /home /root /var/lib/cvs /var/qmail/alias /web

18. TODO Dec 28: tidy up on old server before shutting down

    grab the web server log
    rsync (careful with options to get only new stuff) user mail
    

Desktop

• Install kubuntu
• Copy my private key
• Set up ssh-askpass
• Set up Firefox
  • about:config settings:

    browser.enable_automatic_image_resizing false
    browser.tabs.closeButtons 3
    browser.urlbar.matchOnlyTyped true
    middlemouse.contentLoadURL false

  • View -> Zoom -> Zoom Text Only
  • Addons:
    • Adblock Filterset.G Updater
    • Adblock Plus
    • Basics
    • Flashblock
    • oldbar
    • Tabs Open Relative
    • Web Developer
• Make a cvs checkout of Documents
• Make links

  .bashrc -> Documents/workspace/.bashrc
  .cvsrc -> Documents/workspace/.cvsrc
  .emacs -> Documents/workspace/.emacs
  .grip -> Documents/workspace/.grip
  .mail_aliases -> Documents/workspace/.mail_aliases
  .mutt.color -> Documents/workspace/.mutt.color
  .muttrc -> Documents/workspace/.muttrc
  .muttrc.joe -> Documents/workspace/.muttrc.joe
  .muttrc.lastgood -> Documents/workspace/.muttrc.lastgood
  .muttrc.sendmail -> Documents/workspace/.muttrc.sendmail
  .muttrc.shared -> Documents/workspace/.muttrc.shared
  .muttrc.work -> Documents/workspace/.muttrc.work
  .xinitrc -> Documents/workspace/.xinitrc
  

• Install /etc/hosts
• desktop keybindings:

   - ctrl-tab
   - alt-f1 for terminal
   - ctrl-1 to ctrl-8 to move windows to desktops
   - altl-1 to ctrl-8 to move to desktop
   - alt-f6 to resize window
   - alt-f5 to move window
  

• Set aliases machine-wide
• ssh-agent

   1) install  x11-askpass
   2) not sure - either .xinitrc or .kde/autostart
  

• install firefox plugins

   - adblock
   - fasterfox
   - flashblock
   - tabbrowser preferences
   - tabs open relative
   - web developer
   - ubuntu extras (flash...)
  

• disable unused services
• cpu temp monitor
• focus stealing exceptions
• get the Vista Fonts
• deep
• Reboot and check dmesg for errors