Basic Fedora 31+ Installation: Difference between revisions

Fedora Distribution Install[edit]

Fedora 31 install from DVD install disk - this process should work for most (if not all) the variants of Fedora (Workstation, server, KDE Plasma).

During install process:

• use custom formatting
• set partition type to 'standard'
• click on 'automatically create partitions'
• delete /home partition and increase size of / to fill the disk
• change all filesystem types to 'xfs'
• set hostname (if known)
• enable all basic network interfaces (do not rename -- it will crash the installer)

Basic system prep[edit]

Most of the initial configuration is now contained in a script that can be executed directly from the config server as root on the target system:

curl -s http://config/config/fedora-basic-config.sh | bash

The contents of this script are included here for reference, though updates to the script may occur without updates to this page:

#!/bin/sh
#
# script to do the basic install of a centos7 headless server
#
# Assumptions:
#  - this is run as root immediately after the install has completed
#  - the hostname has been set as desired before this script is run
#  - an administrator account 'ewilliam' was created during installation

CONFIG=http://kube202/config

# first -- install all the basic necessities (some may already be there)
yum -y install net-tools rsync zsh yum-utils mlocate drpm
yum -y install sshfs nfs-utils ssmtp psmisc git
yum -y remove firewalld postfix

# things that seem to not be included in the server version?
yum -y install cronie cronie-anacron
systemctl enable --now crond

# Enable automatic updates.  
#  Parameters can be set in the config files '/etc/dnf/automatic.conf'
yum -y install dnf-automatic
systemctl enable --now dnf-automatic.timer

# now get all the updates
yum -y update

# now disable SELinux (no comment)
sed -i 's/=enforcing/=disabled/g' /etc/selinux/config
setenforce 0

# Enable the SSH server (why it's not enabled by default is strange ...)
systemctl enable --now sshd

# make sudo passwordless for group wheel
echo "%wheel ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/91-wheel-NOPASSWD

# now that zsh is installed, make it the default
chsh -s /bin/zsh
chsh -s /bin/zsh ewilliam

# copy the standard zsh config files
curl -s $CONFIG/centos7/.zshrc -o /root/.zshrc
curl -s $CONFIG/centos7/.zshrc -o /home/ewilliam/.zshrc
chown ewilliam.ewilliam /home/ewilliam/.zshrc

# load ssh known_hosts from the config server
mkdir -p /root/.ssh
curl -s $CONFIG/ssh/known_hosts -o /root/.ssh/known_hosts
mkdir -p /home/ewilliam/.ssh
curl -s $CONFIG/ssh/known_hosts -o /home/ewilliam/.ssh/known_hosts
chown -R ewilliam.ewilliam /home/ewilliam/.ssh

# get backup scripts
curl -s $CONFIG/centos7/backup -o /etc/cron.daily/backup
curl -s $CONFIG/centos7/rsync_backup.sh -o /usr/local/bin/rsync_backup.sh
chmod +x /usr/local/bin/rsync_backup.sh

# configure log server
curl -s $CONFIG/centos7/99-remotelog.conf -o /etc/rsyslog.d/99-remotelog.conf
systemctl restart rsyslog

# enable mail to the central email server
echo "root: ewilliam@williams.localnet" >> /etc/aliases
echo "ewilliam: ewilliam@williams.localnet" >> /etc/aliases

# get the standard /etc/hosts file
curl $CONFIG/hosts -o /etc/hosts

# install metricbeat
curl -s $CONFIG/centos7/elastic.repo > /etc/yum.repos.d/elastic.repo
yum -y install metricbeat
curl -s $CONFIG/centos7/metricbeat.yml > /etc/metricbeat/metricbeat.yml

# install the host/known_hosts synchronization
curl -s $CONFIG/host_check.sh > /etc/cron.hourly/host_check
chmod +x /etc/cron.hourly/host_check

# now reboot
reboot

Next Steps[edit]

The rest of the installation process is not OS-dependent and is described here.