« Ubuntu arm 20.04 » : différence entre les versions

De Banane Atomic
Aller à la navigationAller à la recherche
(74 versions intermédiaires par le même utilisateur non affichées)
Ligne 3 : Ligne 3 :
* [[Snap]]
* [[Snap]]
* [[Nginx_and_Ubuntu|Nginx and Ubuntu]]
* [[Nginx_and_Ubuntu|Nginx and Ubuntu]]
* [[Mediawiki_and_Ubuntu|Mediawiki and Ubuntu]]

= Useful commande lignes =
= Useful commande lignes =
Ligne 123 : Ligne 124 :
<kode lang='bash'>
<kode lang='bash'>
ai mariadb-server
ai mariadb-server
# set root password, remove anonymous users, disallow root login remotely, remove test database
sudo mysql_secure_installation

# connection with unix_socket
# connection with unix_socket
Ligne 128 : Ligne 132 :

= Mediawiki =
== [https://computingforgeeks.com/how-to-install-mariadb-11-on-ubuntu/?expand_article=1 Upgrade to MariaDB 11.1] ==
== Upgrade ==
<kode lang='bash'>
<kode lang='bash'>
# disable the website
# add MariaDB APT repository
sudo a2dissite mediawiki.conf
curl -LsS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash -s -- --mariadb-server-version=11.1
sc-reload apache2

wget https://releases.wikimedia.org/mediawiki/1.35/mediawiki-1.35.6.tar.gz
# stop the service, then uninstall the version 10.3, then install the version 11
tar xf mediawiki-*.tar.gz
sc-stop mariadb-server
sudo apt remove mariadb-server
ai mariadb-server

cd /var/www
mariadb -V  # test
# backup the previous version
sudo mv mediawiki mediawiki.bak

sudo mv -T ~/downloads/mediawiki-* mediawiki
= [https://wiki.postgresql.org/wiki/Apt PostgreSQL 15+] =
sudo chown -R root:root mediawiki
<kode lang='bash'>
sudo chown -R www-data:www-data mediawiki/cache
# add the postgre official package repository
sudo chown -R www-data:www-data mediawiki/images
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
sudo cp -R mediawiki.bak/images/* mediawiki/images
# import the GPG signing key for the repository
# copy the custom extensions
wget -qO- https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo tee /etc/apt/trusted.gpg.d/pgdg.asc &>/dev/null
sudo cp -R mediawiki.bak/extensions/MyCustomExtension mediawiki/extensions
# copy the LocalSettings
sudo cp mediawiki.bak/LocalSettings.php mediawiki

# upgrade the database
# install specifically the version 15 instead of the meta-package postgresql to avoid unwanted upgrade
cd mediawiki
ai postgresql-15
php maintenance/update.php
* [[PostgreSQL_and_Ubuntu|PostgreSQL_and_Ubuntu]]

# re-enable the website
= [https://learn.microsoft.com/en-us/dotnet/core/install/linux-scripted-manual#manual-install .NET]  =
sudo a2ensite mediawiki.conf
{{info | On ARM, only manually installation is available [https://learn.microsoft.com/en-us/dotnet/core/install/linux-ubuntu#unable-to-find-package (ref)]}}
sc-reload apache2
* Download [https://dotnet.microsoft.com/en-us/download/dotnet/7.0 .NET 7.0], [https://dotnet.microsoft.com/en-us/download/dotnet/8.0 .NET 8.0]
<kode lang='bash'>
# download ASP.NET Core Runtime
wget https://download.visualstudio.microsoft.com/download/pr/53990197-c340-4514-b12f-a6c6580cc1b8/c25e55e6e23e7bc94701dc982525d66c/aspnetcore-runtime-7.0.13-linux-arm64.tar.gz

# delete unused folder
# extract the archive in the dotnet folder
sudo rm -rf mediawiki.bak
mkdir dotnet
tar xf aspnetcore-runtime-*-linux-arm64.tar.gz -C dotnet
# backup old version
sudo mv /usr/share/dotnet /usr/share/dotnet7.0.12
sudo mv dotnet /usr/share
sudo chown root:root -R /usr/share/dotnet
sudo ln -s /usr/share/dotnet/dotnet /usr/bin/dotnet
dotnet --info  # test
# restart kestrel services
sc-restart kestrel-myapp-webapi.service

== Install ==
* [[Nginx#.Net_Core|NGINX configuration]]
* [[Asp.net_core_8#Service_file|Kestrel systemd service]]
= [[Cron]] =
By default the standard output and error of cron jobs are sent by email to the current user.<br>
With postfix installed, you can map system user like root to another mailbox with the {{boxx|/etc/aliases}} file.<br>
The use of {{boxx|cronic}} allow to send an email only if the cron job fails.
= Security =
* [[Iptables#Ban_IPs_with_ipsum|Ban IPs with ipsum]]
= System user =
<kode lang='bash'>
<kode lang='bash'>
wget https://releases.wikimedia.org/mediawiki/1.40/mediawiki-1.40.0.tar.gz
sudo useradd -r -N -s /sbin/nologin [username]
tar xf mediawiki-*.tar.gz
sudo mv -T mediawiki-* /var/www/mediawiki
{{info |
* [[Nginx#Mediawiki|NGINX configuration]]
* {{boxx|-r}} create a system account without home directory. Specify the {{boxx|-m}} options if you want a home directory to be created.
* [[Apache_et_ubuntu#Mediawiki|Apache Configuration]]
* {{boxx|-N}} do not create a group with the same name as the user.
* {{boxx|-s /sbin/nologin}} make the user unable to login.}}

= Applications =
= Applications =
Ligne 180 : Ligne 206 :
! Comment
! Comment
| MariaDB || 10.3.38 ||
| [https://github.com/aristocratos/btop btop] || 1.2.13 || resource monitor (snap)
| certbot || 2.6 || use snap (native 0.40)
| [[Dovecot]] || || Mail Delivery Agent
| MariaDB || 11.1.2 || use MariaDB repository (native 10.3.38)
| NGINX || 1.24 || use ondrej ppa (native 1.22)
| NGINX || 1.24 || use ondrej ppa (native 1.22)
| PHP || 8.2.8 || use ondrej ppa (native 7.4.3)
| PHP || 8.2.10 || use ondrej ppa (native 7.4.3)
| [[Postfix_et_ubuntu|Postfix]] || 3.4.13 || Mail Transfer Agent
| PostgreSQL || 15.4 || use PDGD repository (native 12.15)
| [https://wiki.archlinux.org/title/ReadyMedia Ready Media] || 1.2.1 || DLNA server
| [[Roundcube]] || 1.6.2 || Webmail, use [https://github.com/roundcube/roundcubemail/releases GitHub release] (native 1.4.3)
== Shell tools ==
{| class="wikitable wtp"
! Name
! Description
| [[Bash_command_line#bat|bat]] || A cat clone with syntax highlighting and Git integration. {{boxx|batcat}}
| [[Bash_command_line#dust|du-dust]] || more intuitive du {{boxx|unable to install}}
| [[Bash_command_line#exa|exa]] || modern replacement for ls {{boxx|unable to install}}
| [[Bash_command_line#fd|fd-find]] || file name search tool
| [[Bash_command_line#ripgrep|ripgrep]] || file content search tool
| [[Bash_command_line#tldr|tldr]] || simplified and community-driven man pages
| [[Bash_command_line#trash-cli|trash-cli]] || command line trash
== [[amule|Amule]] ==
{{info | Amule is not available in Ubuntu 20.04 repository, you have manually download deb packages.}}
<kode lang='bash'>
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-daemon_2.3.2-6_arm64.deb
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-common_2.3.2-6_all.deb
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-utils_2.3.2-6_arm64.deb
ai ./amule-daemon_2.3.2-6_arm64.deb ./amule-common_2.3.2-6_all.deb ./amule-utils_2.3.2-6_arm64.deb
# test
sc-status amule-daemon.service
# create an amule user
sudo useradd -r -d /var/lib/amule-daemon -s /usr/sbin/nologin amule
sudo mkdir /var/lib/amule-daemon
sudo chown amule:amule /var/lib/amule-daemon
sc-restart amule-daemon.service
# generate md5 hash from password
echo -n 'password' | md5sum | cut -d ' ' -f1
<filebox fn='/etc/default/amule-daemon' lang='bash'>
# The init.d script will only run if this variable non-empty.
# You can set this variable to make the daemon use an alternative HOME.
# The daemon will use $AMULED_HOME/.aMule as the directory, so if you
# want to have $AMULED_HOME the real root (with an Incoming and Temp
# directories), you can do `ln -s . $AMULED_HOME/.aMule`.
<filebox fn='/var/lib/amule-daemon/.aMule/amule.conf' lang='ini'>

Dernière version du 5 mai 2024 à 17:16


Useful commande lignes

# updates
adg  # sudo apt update && sudo apt upgrade
sudo snap refresh

sudo reboot
sudo poweroff

APT (Advanced Package Tool)

zsh - oh my zsh

# install zsh
apt install zsh zsh-syntax-highlighting
# zsh install zsh-common

# install oh-my-zsh and set zsh as default shell for the current user
sh -c "$(wget -O- https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"

# don't store in history commands prefixed with a space (test with: history | tail)

# add hostname to PROMPT only for ssh connection
if [[ -n $SSH_CONNECTION ]]; then
    PROMPT="%m ${PROMPT}"

# must be loaded last
source /usr/share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh


  version: 2
  renderer: networkd
      dhcp4: yes
      # addresses: [192.168.0.x/24]
      # gateway4: 192.168.0.y
        addresses: [192.168.0.x, 192.168.0.y]  # set multiple DNS servers
# test the configuration, the configuration is applied for 120 seconds then reverted
sudo netplan try

# apply changes
sudo netplan apply
# creates the file /run/systemd/network/10-netplan-eth0.network

# check the DNS servers
systemd-resolve --status | grep 'DNS Servers' -A2

# display current DHCP lease
netplan ip leases [interface]

# debugging the generation of the file /run/systemd/network/10-netplan-eth0.network
sudo netplan --debug generate

UFW configuration

sudo ufw allow OpenSSH       # port 22
sudo ufw allow 'Nginx Full'  # port 80 443
sudo ufw allow DNS           # port 53 (dnsmasq)

PHP 8+

sudo add-apt-repository ppa:ondrej/php

sudo add-apt-repository ppa:ondrej/nginx-mainline  # new features, updates, bugfixes
sudo add-apt-repository ppa:ondrej/nginx           # no new features, major bugfixes only, annual release
sudo add-apt-repository ppa:ondrej/apache2


Doesn't seem to work with PHP 8.2 and Ubuntu 20.04
With Ubuntu 20.04, ondrej ppa and PHP 8.2 installed, the following dependencies are wrongly installed:
php7.4-cli php7.4-common php7.4-json php7.4-opcache php7.4-phpdbg php7.4-readline
 !!! UNABLE to load uWSGI plugin: libphp7.so: cannot open shared object file: No such file or directory !!!
# better use --plugin option instead of the following workaround
sudo ln -s /usr/lib/libphp8.so /usr/lib/libphp7.so


ai mariadb-server

# set root password, remove anonymous users, disallow root login remotely, remove test database
sudo mysql_secure_installation

# connection with unix_socket
sudo mariadb

Upgrade to MariaDB 11.1

# add MariaDB APT repository
curl -LsS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash -s -- --mariadb-server-version=11.1

# stop the service, then uninstall the version 10.3, then install the version 11
sc-stop mariadb-server
sudo apt remove mariadb-server
ai mariadb-server

mariadb -V  # test

PostgreSQL 15+

# add the postgre official package repository
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
# import the GPG signing key for the repository
wget -qO- https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo tee /etc/apt/trusted.gpg.d/pgdg.asc &>/dev/null

# install specifically the version 15 instead of the meta-package postgresql to avoid unwanted upgrade
ai postgresql-15


On ARM, only manually installation is available (ref)
# download ASP.NET Core Runtime
wget https://download.visualstudio.microsoft.com/download/pr/53990197-c340-4514-b12f-a6c6580cc1b8/c25e55e6e23e7bc94701dc982525d66c/aspnetcore-runtime-7.0.13-linux-arm64.tar.gz

# extract the archive in the dotnet folder
mkdir dotnet
tar xf aspnetcore-runtime-*-linux-arm64.tar.gz -C dotnet

# backup old version
sudo mv /usr/share/dotnet /usr/share/dotnet7.0.12
sudo mv dotnet /usr/share
sudo chown root:root -R /usr/share/dotnet
sudo ln -s /usr/share/dotnet/dotnet /usr/bin/dotnet

dotnet --info  # test

# restart kestrel services
sc-restart kestrel-myapp-webapi.service


By default the standard output and error of cron jobs are sent by email to the current user.
With postfix installed, you can map system user like root to another mailbox with the /etc/aliases file.
The use of cronic allow to send an email only if the cron job fails.


System user

sudo useradd -r -N -s /sbin/nologin [username]
  • -r create a system account without home directory. Specify the -m options if you want a home directory to be created.
  • -N do not create a group with the same name as the user.
  • -s /sbin/nologin make the user unable to login.


Name Version Comment
btop 1.2.13 resource monitor (snap)
certbot 2.6 use snap (native 0.40)
Dovecot Mail Delivery Agent
MariaDB 11.1.2 use MariaDB repository (native 10.3.38)
NGINX 1.24 use ondrej ppa (native 1.22)
PHP 8.2.10 use ondrej ppa (native 7.4.3)
Postfix 3.4.13 Mail Transfer Agent
PostgreSQL 15.4 use PDGD repository (native 12.15)
Ready Media 1.2.1 DLNA server
Roundcube 1.6.2 Webmail, use GitHub release (native 1.4.3)

Shell tools

Name Description
bat A cat clone with syntax highlighting and Git integration. batcat
du-dust more intuitive du unable to install
exa modern replacement for ls unable to install
fd-find file name search tool
ripgrep file content search tool
tldr simplified and community-driven man pages
trash-cli command line trash


Amule is not available in Ubuntu 20.04 repository, you have manually download deb packages.
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-daemon_2.3.2-6_arm64.deb
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-common_2.3.2-6_all.deb
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-utils_2.3.2-6_arm64.deb

ai ./amule-daemon_2.3.2-6_arm64.deb ./amule-common_2.3.2-6_all.deb ./amule-utils_2.3.2-6_arm64.deb

# test
sc-status amule-daemon.service

# create an amule user
sudo useradd -r -d /var/lib/amule-daemon -s /usr/sbin/nologin amule
sudo mkdir /var/lib/amule-daemon
sudo chown amule:amule /var/lib/amule-daemon
sc-restart amule-daemon.service

# generate md5 hash from password
echo -n 'password' | md5sum | cut -d ' ' -f1
# The init.d script will only run if this variable non-empty.

# You can set this variable to make the daemon use an alternative HOME.
# The daemon will use $AMULED_HOME/.aMule as the directory, so if you
# want to have $AMULED_HOME the real root (with an Incoming and Temp
# directories), you can do `ln -s . $AMULED_HOME/.aMule`.
