Basic Fedora 31+ Installation: Difference between revisions

From WilliamsNet Wiki
Jump to navigation Jump to search
mNo edit summary
 
(2 intermediate revisions by the same user not shown)
Line 30: Line 30:


# first -- install all the basic necessities (some may already be there)
# first -- install all the basic necessities (some may already be there)
yum -y install net-tools rsync zsh epel-release yum-utils mlocate drpm
yum -y install net-tools rsync zsh yum-utils mlocate drpm
yum -y install sshfs nfs-utils ssmtp psmisc
yum -y install sshfs nfs-utils ssmtp psmisc git
yum -y remove firewalld postfix
yum -y remove firewalld postfix
# things that seem to not be included in the server version?
yum -y install cronie cronie-anacron
systemctl enable --now crond


# Enable automatic updates.   
# Enable automatic updates.   
Line 83: Line 87:
# get the standard /etc/hosts file
# get the standard /etc/hosts file
curl $CONFIG/hosts -o /etc/hosts
curl $CONFIG/hosts -o /etc/hosts
# install metricbeat
curl -s $CONFIG/centos7/elastic.repo > /etc/yum.repos.d/elastic.repo
yum -y install metricbeat
curl -s $CONFIG/centos7/metricbeat.yml > /etc/metricbeat/metricbeat.yml
# install the host/known_hosts synchronization
curl -s $CONFIG/host_check.sh > /etc/cron.hourly/host_check
chmod +x /etc/cron.hourly/host_check


# now reboot
# now reboot
reboot</pre>
reboot</pre>


== Final Configuration ==
== Next Steps ==
The only remaining task is to load the ssh credentials for '''root''' and any user accounts.  This is done by running the following command from each user account (assuming aslan is the reference source):
The rest of the installation process is not OS-dependent and is described [[Common Post-Install|here]].
 
scp -r aslan:.ssh $HOME
 
This can also be pushed from aslan to the new system for each account:
 
scp -r ~/.ssh <new_host>:
 
Passwords will be required for this action, but (if the copy is successful) no further passwords will be needed by ssh.

Latest revision as of 12:56, 25 November 2021

Fedora Distribution Install[edit]

Fedora 31 install from DVD install disk - this process should work for most (if not all) the variants of Fedora (Workstation, server, KDE Plasma).

During install process:

  • use custom formatting
  • set partition type to 'standard'
  • click on 'automatically create partitions'
  • delete /home partition and increase size of / to fill the disk
  • change all filesystem types to 'xfs'
  • set hostname (if known)
  • enable all basic network interfaces (do not rename -- it will crash the installer)

Basic system prep[edit]

Most of the initial configuration is now contained in a script that can be executed directly from the config server as root on the target system: 

curl -s http://config/config/fedora-basic-config.sh | bash

The contents of this script are included here for reference, though updates to the script may occur without updates to this page: 

#!/bin/sh
#
# script to do the basic install of a centos7 headless server
#
# Assumptions:
#  - this is run as root immediately after the install has completed
#  - the hostname has been set as desired before this script is run
#  - an administrator account 'ewilliam' was created during installation

CONFIG=http://kube202/config

# first -- install all the basic necessities (some may already be there)
yum -y install net-tools rsync zsh yum-utils mlocate drpm
yum -y install sshfs nfs-utils ssmtp psmisc git
yum -y remove firewalld postfix

# things that seem to not be included in the server version?
yum -y install cronie cronie-anacron
systemctl enable --now crond

# Enable automatic updates.  
#  Parameters can be set in the config files '/etc/dnf/automatic.conf'
yum -y install dnf-automatic
systemctl enable --now dnf-automatic.timer

# now get all the updates
yum -y update

# now disable SELinux (no comment)
sed -i 's/=enforcing/=disabled/g' /etc/selinux/config
setenforce 0

# Enable the SSH server (why it's not enabled by default is strange ...)
systemctl enable --now sshd

# make sudo passwordless for group wheel
echo "%wheel ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/91-wheel-NOPASSWD

# now that zsh is installed, make it the default
chsh -s /bin/zsh
chsh -s /bin/zsh ewilliam

# copy the standard zsh config files
curl -s $CONFIG/centos7/.zshrc -o /root/.zshrc
curl -s $CONFIG/centos7/.zshrc -o /home/ewilliam/.zshrc
chown ewilliam.ewilliam /home/ewilliam/.zshrc

# load ssh known_hosts from the config server
mkdir -p /root/.ssh
curl -s $CONFIG/ssh/known_hosts -o /root/.ssh/known_hosts
mkdir -p /home/ewilliam/.ssh
curl -s $CONFIG/ssh/known_hosts -o /home/ewilliam/.ssh/known_hosts
chown -R ewilliam.ewilliam /home/ewilliam/.ssh

# get backup scripts
curl -s $CONFIG/centos7/backup -o /etc/cron.daily/backup
curl -s $CONFIG/centos7/rsync_backup.sh -o /usr/local/bin/rsync_backup.sh
chmod +x /usr/local/bin/rsync_backup.sh

# configure log server
curl -s $CONFIG/centos7/99-remotelog.conf -o /etc/rsyslog.d/99-remotelog.conf
systemctl restart rsyslog

# enable mail to the central email server
echo "root: ewilliam@williams.localnet" >> /etc/aliases
echo "ewilliam: ewilliam@williams.localnet" >> /etc/aliases

# get the standard /etc/hosts file
curl $CONFIG/hosts -o /etc/hosts

# install metricbeat
curl -s $CONFIG/centos7/elastic.repo > /etc/yum.repos.d/elastic.repo
yum -y install metricbeat
curl -s $CONFIG/centos7/metricbeat.yml > /etc/metricbeat/metricbeat.yml

# install the host/known_hosts synchronization
curl -s $CONFIG/host_check.sh > /etc/cron.hourly/host_check
chmod +x /etc/cron.hourly/host_check

# now reboot
reboot

Next Steps[edit]

The rest of the installation process is not OS-dependent and is described here.

Retrieved from "http://wiki.williams-net.org/index.php?title=Basic_Fedora_31%2B_Installation&oldid=659"