Basic Fedora 31+ Installation: Difference between revisions
Jump to navigation
Jump to search
DrEdWilliams (talk | contribs) m (DrEdWilliams moved page Basic Fedora 31 Installation to Basic Fedora 31+ Installation) |
DrEdWilliams (talk | contribs) mNo edit summary |
||
| Line 1: | Line 1: | ||
== Fedora Distribution Install == | == Fedora Distribution Install == | ||
Fedora 31 | Fedora 31 install from DVD install disk - this process should work for most (if not all) the variants of Fedora (Workstation, server, KDE Plasma). | ||
During install process: | During install process: | ||
* use custom formatting | * use custom formatting | ||
* set partition type to 'standard' | * set partition type to 'standard' | ||
* click on 'automatically create partitions | * click on 'automatically create partitions' | ||
* delete /home partition and increase size of / to fill the disk | * delete /home partition and increase size of / to fill the disk | ||
* change all filesystem types to 'xfs' | |||
* set hostname (if known) | * set hostname (if known) | ||
* enable all basic network interfaces (do not rename -- it will crash the installer) | * enable all basic network interfaces (do not rename -- it will crash the installer) | ||
== Basic system prep == | == Basic system prep == | ||
Most of the initial configuration is now contained in a script that can be executed directly from the config server as root on the target system: | |||
curl -s http://config/config/fedora-basic-config.sh | bash | |||
yum -y update | The contents of this script are included here for reference: | ||
<pre>#!/bin/sh | |||
# | |||
# script to do the basic install of a centos7 headless server | |||
# | |||
# Assumptions: | |||
# - this is run as root immediately after the install has completed | |||
# - the hostname has been set as desired before this script is run | |||
# - an administrator account 'ewilliam' was created during installation | |||
CONFIG=http://kube202/config | |||
# first -- install all the basic necessities (some may already be there) | |||
yum -y install net-tools rsync zsh epel-release yum-utils mlocate drpm | |||
yum -y install sshfs nfs-utils ssmtp psmisc | |||
yum -y remove firewalld postfix | |||
# Enable automatic updates. | |||
# Parameters can be set in the config files '/etc/dnf/automatic.conf' | |||
yum -y install dnf-automatic | |||
systemctl enable --now dnf-automatic.timer | |||
# now get all the updates | |||
yum -y update | |||
# now disable SELinux (no comment) | |||
sed -i 's/=enforcing/=disabled/g' /etc/selinux/config | |||
setenforce 0 | |||
# Enable the SSH server (why it's not enabled by default is strange ...) | |||
systemctl enable --now sshd | |||
# make sudo passwordless for group wheel | |||
echo "%wheel ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/91-wheel-NOPASSWD | |||
# now that zsh is installed, make it the default | |||
chsh -s /bin/zsh | |||
chsh -s /bin/zsh ewilliam | |||
# copy the standard zsh config files | |||
curl -s $CONFIG/centos7/.zshrc -o /root/.zshrc | |||
curl -s $CONFIG/centos7/.zshrc -o /home/ewilliam/.zshrc | |||
chown ewilliam.ewilliam /home/ewilliam/.zshrc | |||
# load ssh known_hosts from the config server | |||
mkdir -p /root/.ssh | |||
curl -s $CONFIG/ssh/known_hosts -o /root/.ssh/known_hosts | |||
mkdir -p /home/ewilliam/.ssh | |||
curl -s $CONFIG/ssh/known_hosts -o /home/ewilliam/.ssh/known_hosts | |||
chown -R ewilliam.ewilliam /home/ewilliam/.ssh | |||
# get backup scripts | |||
curl -s $CONFIG/centos7/backup -o /etc/cron.daily/backup | |||
curl -s $CONFIG/centos7/rsync_backup.sh -o /usr/local/bin/rsync_backup.sh | |||
chmod +x /usr/local/bin/rsync_backup.sh | |||
# configure log server | |||
curl -s $CONFIG/centos7/99-remotelog.conf -o /etc/rsyslog.d/99-remotelog.conf | |||
systemctl restart rsyslog | |||
# enable mail to the central email server | |||
echo "root: ewilliam@williams.localnet" >> /etc/aliases | |||
echo "ewilliam: ewilliam@williams.localnet" >> /etc/aliases | |||
# get the standard /etc/hosts file | |||
curl $CONFIG/hosts -o /etc/hosts | |||
# now reboot | |||
reboot</pre> | |||
== Final Configuration == | |||
The only remaining task is to load the ssh credentials for '''root''' and any user accounts. This is done by running the following command from each user account (assuming aslan is the reference source): | |||
scp | scp -r aslan:.ssh $HOME | ||
This can also be pushed from aslan to the new system for each account: | |||
scp -r ~/.ssh <new_host>: | |||
scp | |||
Passwords will be required for this action, but (if the copy is successful) no further passwords will be needed by ssh. | |||
Revision as of 21:13, 29 November 2020
Fedora Distribution Install
Fedora 31 install from DVD install disk - this process should work for most (if not all) the variants of Fedora (Workstation, server, KDE Plasma).
During install process:
- use custom formatting
- set partition type to 'standard'
- click on 'automatically create partitions'
- delete /home partition and increase size of / to fill the disk
- change all filesystem types to 'xfs'
- set hostname (if known)
- enable all basic network interfaces (do not rename -- it will crash the installer)
Basic system prep
Most of the initial configuration is now contained in a script that can be executed directly from the config server as root on the target system:
curl -s http://config/config/fedora-basic-config.sh | bash
The contents of this script are included here for reference:
#!/bin/sh # # script to do the basic install of a centos7 headless server # # Assumptions: # - this is run as root immediately after the install has completed # - the hostname has been set as desired before this script is run # - an administrator account 'ewilliam' was created during installation CONFIG=http://kube202/config # first -- install all the basic necessities (some may already be there) yum -y install net-tools rsync zsh epel-release yum-utils mlocate drpm yum -y install sshfs nfs-utils ssmtp psmisc yum -y remove firewalld postfix # Enable automatic updates. # Parameters can be set in the config files '/etc/dnf/automatic.conf' yum -y install dnf-automatic systemctl enable --now dnf-automatic.timer # now get all the updates yum -y update # now disable SELinux (no comment) sed -i 's/=enforcing/=disabled/g' /etc/selinux/config setenforce 0 # Enable the SSH server (why it's not enabled by default is strange ...) systemctl enable --now sshd # make sudo passwordless for group wheel echo "%wheel ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/91-wheel-NOPASSWD # now that zsh is installed, make it the default chsh -s /bin/zsh chsh -s /bin/zsh ewilliam # copy the standard zsh config files curl -s $CONFIG/centos7/.zshrc -o /root/.zshrc curl -s $CONFIG/centos7/.zshrc -o /home/ewilliam/.zshrc chown ewilliam.ewilliam /home/ewilliam/.zshrc # load ssh known_hosts from the config server mkdir -p /root/.ssh curl -s $CONFIG/ssh/known_hosts -o /root/.ssh/known_hosts mkdir -p /home/ewilliam/.ssh curl -s $CONFIG/ssh/known_hosts -o /home/ewilliam/.ssh/known_hosts chown -R ewilliam.ewilliam /home/ewilliam/.ssh # get backup scripts curl -s $CONFIG/centos7/backup -o /etc/cron.daily/backup curl -s $CONFIG/centos7/rsync_backup.sh -o /usr/local/bin/rsync_backup.sh chmod +x /usr/local/bin/rsync_backup.sh # configure log server curl -s $CONFIG/centos7/99-remotelog.conf -o /etc/rsyslog.d/99-remotelog.conf systemctl restart rsyslog # enable mail to the central email server echo "root: ewilliam@williams.localnet" >> /etc/aliases echo "ewilliam: ewilliam@williams.localnet" >> /etc/aliases # get the standard /etc/hosts file curl $CONFIG/hosts -o /etc/hosts # now reboot reboot
Final Configuration
The only remaining task is to load the ssh credentials for root and any user accounts. This is done by running the following command from each user account (assuming aslan is the reference source):
scp -r aslan:.ssh $HOME
This can also be pushed from aslan to the new system for each account:
scp -r ~/.ssh <new_host>:
Passwords will be required for this action, but (if the copy is successful) no further passwords will be needed by ssh.