Ubuntu Server Setup

assuming you already have it up and running, possibly installed through PXE

Quick post-install

check what exact version you got installed

lsb_release -a

get a lease to proceed remotely

ip addr
dhclient -v NETIF
apt update
apt install openssh-server

and optionally continue over ssh

TUNE GRUB AND DISABLE NETPLAN

make the menu appear and tune the kernel arguments

cp -pi /etc/default/grub /etc/default/grub.dist
vi /etc/default/grub

GRUB_DEFAULT=0
GRUB_TIMEOUT=3
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="netcfg/do_not_use_netplan=true net.ifnames=0 biosdevname=0"
GRUB_CMDLINE_LINUX="mitigations=off"

GRUB_DISABLE_LINUX_UUID=true

GRUB_DISABLE_OS_PROBER=true

rm -f /etc/grub.d/30_os-prober

more kernel args

# ipv6.disable=1
# i915.enable_psr=0
# amdgpu.exp_hw_support=1
# acpi_backlight=vendor

re-generate the configuration

update-grub2
ls -lF /boot/grub/grub.cfg

optionally set up Debian-style networking and validate that it works at boot time

reboot
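
mitigations=off in GRUB_CMDLINE_LINUX above turns off the kernel's optional CPU vulnerability mitigations, so after the reboot it is worth checking what the running kernel actually reports. The following is an added example, not part of the original page: a POSIX shell check whose function names are made up here and whose default paths are the standard /proc/cmdline and sysfs vulnerabilities directory.

```sh
#!/bin/sh
# added example (not from the original page); function names are made up here

# has_arg CMDLINE_FILE ARG -> 0 if ARG is a whole word on the kernel command line
has_arg() {
    tr ' ' '\n' < "$1" | grep -qxF -- "$2"
}

# count_vulnerable SYSFS_DIR -> prints how many entries start with "Vulnerable"
count_vulnerable() {
    n=0
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        case "$(cat "$f")" in
            Vulnerable*) n=$((n + 1)) ;;
        esac
    done
    echo "$n"
}

# mitigation_report [CMDLINE_FILE] [SYSFS_DIR] -> human-readable summary
mitigation_report() {
    cmdline=${1:-/proc/cmdline}
    vulns=${2:-/sys/devices/system/cpu/vulnerabilities}
    if has_arg "$cmdline" mitigations=off; then
        echo "cmdline: mitigations=off is active"
    else
        echo "cmdline: mitigations not disabled"
    fi
    for f in "$vulns"/*; do
        if [ -f "$f" ]; then
            printf '%-28s %s\n' "$(basename "$f")" "$(cat "$f")"
        fi
    done
    echo "vulnerable entries: $(count_vulnerable "$vulns")"
}

# run against the live system with: sh thisfile --live
case "${1:-}" in
    --live) mitigation_report ;;
esac
```

Both arguments of mitigation_report are optional, so the same function can be pointed at files collected from another host.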

Better networking

see Better Networking for Ubuntu

Packages & initial upgrade

see Dealing with Packages

Tweak your environment

fix time-zone

timedatectl set-timezone Europe/Moscow

fix the clock source (Yandex Cloud VMs are KVM guests: we can sync time with the hypervisor)

pgrep -a ntp
systemctl stop ntp
systemctl disable ntp

cat /sys/devices/system/clocksource/clocksource0/available_clocksource
cat /sys/devices/system/clocksource/clocksource0/current_clocksource # tsc

echo kvm-clock > /sys/devices/system/clocksource/clocksource0/current_clocksource
cat /sys/devices/system/clocksource/clocksource0/current_clocksource # kvm-clock

cp -pi /etc/default/grub /etc/default/grub.dist
vi /etc/default/grub
    GRUB_TIMEOUT=3
    ...
    GRUB_CMDLINE_LINUX="notsc clocksource=kvm-clock"
update-grub2

make it a true server

systemctl get-default
systemctl set-default multi-user.target

on Ubuntu, add $HOME/bin to your PATH

cat /etc/environment
mv -i /etc/environment /etc/environment.dist
vi /etc/environment

PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:$HOME/bin"

source /etc/environment
echo $PATH

on Debian, replace the whole root condition

cp -pi /etc/profile /etc/profile.dist
vi /etc/profile

PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:$HOME/bin"

source /etc/profile
echo $PATH

use all cores while building software

cp -pi /etc/bash.bashrc /etc/bash.bashrc.dist
vi /etc/bash.bashrc

# exported so that make actually sees it in its environment
export MAKEFLAGS=-j$((`grep ^processor /proc/cpuinfo | tail -1 | awk '{print $NF}'` + 1))

and optionally consider these additions

export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8
export LANGUAGE=en_US:en

#export LC_COLLATE=C.UTF-8
#export DEBIAN_FRONTEND=noninteractive

apply at once

source /etc/bash.bashrc

check if Perl is happy with the locales

perl -e exit

and optionally set up GNU Screen

Time zone

there are too many ways to do the same thing

tzselect
dpkg-reconfigure tzdata

#echo $zone
#echo $zone > /etc/timezone

#timedatectl set-timezone $zone
#cat /etc/timezone

ln -s /usr/share/zoneinfo/$zone /etc/localtime
ls -lF /etc/localtime*

timedatectl status

Time sync – physical host only

see daemons/ntp

Indexing

not sure it’s already enabled as cron

updatedb

Outbound email & daily cron job

either setup outbound email

apt install \
postfix bsd-mailx rsyslog
#pmailq mailutils

or just disable the shit (that’s a friendly word, don’t take it badly)

systemctl status postfix
systemctl stop postfix
systemctl disable postfix

Additional notes

daily and weekly crons

optionally enable custom daily and weekly cron jobs

cd /root/
wget https://pub.nethence.com/bin/system/DAILY.txt
mv DAILY.txt DAILY
chmod +x DAILY

wget https://pub.nethence.com/bin/system/WEEKLY.txt
mv WEEKLY.txt WEEKLY
chmod +x WEEKLY

assuming your host is outbound email-ready

crontab -e

MAILFROM="root@HOSTNAME-HERE"

00 4 * * * /root/DAILY 2>&1

00 5 * * 0 /root/WEEKLY 2>&1
20 5 * * 0 /root/tagdiff.bash 2>&1
21 5 * * 0 /root/confdiff.bash 2>&1
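
The scripts fetched above run as root from cron, so it helps to install only the exact file that was reviewed and to check that nothing but root can rewrite a crontab target. The following is an added example, not part of the original page: the function names and REVIEWED_SHA256 are hypothetical, and it assumes GNU coreutils (sha256sum, stat -c, install).

```sh
#!/bin/sh
# added example (not from the original page); function names are hypothetical

# sha256_of FILE -> prints the hex SHA-256 digest of FILE
sha256_of() {
    sha256sum "$1" | awk '{print $1}'
}

# install_reviewed SRC EXPECTED_SHA256 DEST
# copies SRC to DEST with mode 0700 only when the digest matches, else returns 1
install_reviewed() {
    src=$1 want=$2 dest=$3
    got=$(sha256_of "$src") || return 1
    if [ "$got" != "$want" ]; then
        echo "digest mismatch for $src: got $got" >&2
        return 1
    fi
    install -m 0700 "$src" "$dest"
}

# safe_cron_target FILE -> 0 when FILE is a regular file, not a symlink,
# and not writable by group or others
safe_cron_target() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    mode=$(stat -c '%a' "$1") || return 1
    case "$mode" in
        *[2367]?|*[2367]) return 1 ;;   # write bit set for group or others
    esac
    return 0
}

# usage, after reading the downloaded file and recording its digest:
#   wget -O DAILY.txt https://pub.nethence.com/bin/system/DAILY.txt
#   sha256_of DAILY.txt          # note this down as REVIEWED_SHA256
#   install_reviewed DAILY.txt "$REVIEWED_SHA256" /root/DAILY
#   safe_cron_target /root/DAILY && echo ok
```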

ssl certificates

optionally harden your SSL certificate trust store

fixing locales

warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)

==> the easy way

dpkg-reconfigure locales

==> the quick & dirty way, re-generate the locales you need

#apt install language-pack-en-base
locale-gen en_US.UTF-8
update-locale LANG=en_US.UTF-8

then check the current setting and try again

cat /etc/default/locale
locale
perl -e exit

in case some variables such as LANGUAGE and LC_ALL are still missing, add those the brutal way

cat >> /etc/bash.bashrc <<EOF
export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8
export LANGUAGE=en_US:en
EOF
source /etc/bash.bashrc

old-school init scripts

at startup

systemctl status rc-local
vi /etc/rc.local

#!/bin/bash

# nothing here yet

chmod +x /etc/rc.local

at shutdown

ls -lF /lib/systemd/system/rc-local-shutdown.service # does not exist yet
vi /lib/systemd/system/rc-local-shutdown.service

[Unit]
Description=rc.local_shutdown compatibility
ConditionFileIsExecutable=/etc/rc.local_shutdown
DefaultDependencies=no
After=rc-local.service basic.target
Before=shutdown.target

[Service]
ExecStop=/etc/rc.local_shutdown
StandardInput=tty
RemainAfterExit=yes

[Install]
WantedBy=shutdown.target

vi /etc/rc.local_shutdown

#!/bin/bash

# nothing here yet

chmod +x /etc/rc.local_shutdown

apply

systemctl daemon-reload 
systemctl enable rc-local-shutdown.service

do not clear the screen

on a bare-metal system, prevent the system from clearing the screen after boot (equivalent of getty --noclear)

#systemctl edit getty@tty1
ls -lF /etc/systemd/system/getty.target.wants/
vi /lib/systemd/system/getty@.service

[Service]
...
TTYVTDisallocate=no
...

systemctl daemon-reload

super-duper sysprep

we do not need the hostname to change dynamically

#systemctl stop systemd-hostnamed.service
#systemctl disable systemd-hostnamed.service

…and countless daemons to disable

enhanced dmesg

one should get the time with it (does not work on Slackware Linux)

dmesg -wHt

Resources

how can I remove the clear screen before login https://askubuntu.com/questions/58097/how-can-i-remove-the-clear-screen-before-login

Prevent the console from clearing the screen? https://serverfault.com/questions/255969/prevent-the-console-from-clearing-the-screen

old-school init scripts

How can I execute command on startup (rc.local alternative) on Ubuntu 16.10 https://askubuntu.com/questions/886620/how-can-i-execute-command-on-startup-rc-local-alternative-on-ubuntu-16-10

(dead link) https://askubuntu.com/questions/952300/how-can-i-execute-command-on-shutdown-rc-local-alternative-on-ubuntu

locales

Configure Locales in Ubuntu https://www.thomas-krenn.com/en/wiki/Configure_Locales_in_Ubuntu

How to set up a clean UTF-8 environment in Linux https://perlgeek.de/en/article/set-up-a-clean-utf8-environment

How to fix a locale setting warning from Perl https://stackoverflow.com/questions/2499794/how-to-fix-a-locale-setting-warning-from-perl

trust store hardening

CA certificates extracted from Mozilla https://curl.se/docs/caextract.html

6.3 Wgetrc Commands https://www.gnu.org/software/wget/manual/html_node/Wgetrc-Commands.html

GNU Wget 1.21.1-dirty Manual https://www.gnu.org/software/wget/manual/wget.html

grub

https://askubuntu.com/questions/1414245/why-do-i-get-warning-os-prober-will-not-be-executed-to-detect-other-bootable-p

https://wiki.debian.org/Grub

clock source

https://unix.stackexchange.com/questions/377621/clock-instability-in-debian-9-stretch


Licensed under MIT