« Ubuntu arm 20.04 » : différence entre les versions
De Banane Atomic
Aller à la navigationAller à la recherche
(→.NET) |
|||
| (61 versions intermédiaires par le même utilisateur non affichées) | |||
| Ligne 124 : | Ligne 124 : | ||
<kode lang='bash'> | <kode lang='bash'> | ||
ai mariadb-server | ai mariadb-server | ||
# set root password, remove anonymous users, disallow root login remotely, remove test database | |||
sudo mysql_secure_installation | |||
# connection with unix_socket | # connection with unix_socket | ||
| Ligne 129 : | Ligne 132 : | ||
</kode> | </kode> | ||
= [https:// | == [https://computingforgeeks.com/how-to-install-mariadb-11-on-ubuntu/?expand_article=1 Upgrade to MariaDB 11.1] == | ||
<kode lang='bash'> | |||
# add MariaDB APT repository | |||
curl -LsS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash -s -- --mariadb-server-version=11.1 | |||
# stop the service, then uninstall the version 10.3, then install the version 11 | |||
sc-stop mariadb-server | |||
sudo apt remove mariadb-server | |||
ai mariadb-server | |||
mariadb -V # test | |||
</kode> | |||
= [https://wiki.postgresql.org/wiki/Apt PostgreSQL 15+] = | |||
<kode lang='bash'> | <kode lang='bash'> | ||
# add the postgre official package repository | # add the postgre official package repository | ||
| Ligne 136 : | Ligne 152 : | ||
wget -qO- https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo tee /etc/apt/trusted.gpg.d/pgdg.asc &>/dev/null | wget -qO- https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo tee /etc/apt/trusted.gpg.d/pgdg.asc &>/dev/null | ||
ai postgresql | # install specifically the version 15 instead of the meta-package postgresql to avoid unwanted upgrade | ||
ai postgresql-15 | |||
</kode> | |||
* [[PostgreSQL_and_Ubuntu|PostgreSQL_and_Ubuntu]] | |||
= [https://learn.microsoft.com/en-us/dotnet/core/install/linux-scripted-manual#manual-install .NET] = | |||
{{info | On ARM, only manually installation is available [https://learn.microsoft.com/en-us/dotnet/core/install/linux-ubuntu#unable-to-find-package (ref)]}} | |||
* Download [https://dotnet.microsoft.com/en-us/download/dotnet/7.0 .NET 7.0], [https://dotnet.microsoft.com/en-us/download/dotnet/8.0 .NET 8.0] | |||
<kode lang='bash'> | |||
# download ASP.NET Core Runtime | |||
wget https://download.visualstudio.microsoft.com/download/pr/53990197-c340-4514-b12f-a6c6580cc1b8/c25e55e6e23e7bc94701dc982525d66c/aspnetcore-runtime-7.0.13-linux-arm64.tar.gz | |||
# extract the archive in the dotnet folder | |||
mkdir dotnet | |||
tar xf aspnetcore-runtime-*-linux-arm64.tar.gz -C dotnet | |||
# backup old version | |||
sudo mv /usr/share/dotnet /usr/share/dotnet7.0.12 | |||
sudo mv dotnet /usr/share | |||
sudo chown root:root -R /usr/share/dotnet | |||
sudo ln -s /usr/share/dotnet/dotnet /usr/bin/dotnet | |||
dotnet --info # test | |||
# restart kestrel services | |||
sc-restart kestrel-myapp-webapi.service | |||
</kode> | |||
* [[Nginx#.Net_Core|NGINX configuration]] | |||
* [[Asp.net_core_8#Service_file|Kestrel systemd service]] | |||
= [[Cron]] = | |||
By default the standard output and error of cron jobs are sent by email to the current user.<br> | |||
With postfix installed, you can map system user like root to another mailbox with the {{boxx|/etc/aliases}} file.<br> | |||
The use of {{boxx|cronic}} allow to send an email only if the cron job fails. | |||
= Security = | |||
* [[Iptables#Ban_IPs_with_ipsum|Ban IPs with ipsum]] | |||
= System user = | |||
<kode lang='bash'> | |||
sudo useradd -r -N -s /sbin/nologin [username] | |||
</kode> | </kode> | ||
{{info | | |||
* {{boxx|-r}} create a system account without home directory. Specify the {{boxx|-m}} options if you want a home directory to be created. | |||
* {{boxx|-N}} do not create a group with the same name as the user. | |||
* {{boxx|-s /sbin/nologin}} make the user unable to login.}} | |||
= Applications = | = Applications = | ||
| Ligne 147 : | Ligne 208 : | ||
| [https://github.com/aristocratos/btop btop] || 1.2.13 || resource monitor (snap) | | [https://github.com/aristocratos/btop btop] || 1.2.13 || resource monitor (snap) | ||
|- | |- | ||
| MariaDB || 10.3.38 | | certbot || 2.6 || use snap (native 0.40) | ||
|- | |||
| [[Dovecot]] || 2.3.7.2 || Mail Delivery Agent | |||
|- | |||
| MariaDB || 11.1.2 || use MariaDB repository (native 10.3.38) | |||
|- | |- | ||
| NGINX || 1.24 || use ondrej ppa (native 1.22) | | NGINX || 1.24 || use ondrej ppa (native 1.22) | ||
|- | |- | ||
| PHP || 8.2. | | PHP || 8.2.10 || use ondrej ppa (native 7.4.3) | ||
|- | |||
| [[Postfix_et_ubuntu|Postfix]] || 3.4.13 || Mail Transfer Agent | |||
|- | |||
| PostgreSQL || 15.4 || use PDGD repository (native 12.15) | |||
|- | |||
| [https://wiki.archlinux.org/title/ReadyMedia Ready Media] || 1.2.1 || DLNA server | |||
|- | |||
| [[Roundcube]] || 1.6.2 || Webmail, use [https://github.com/roundcube/roundcubemail/releases GitHub release] (native 1.4.3) | |||
|} | |} | ||
| Ligne 173 : | Ligne 246 : | ||
| [[Bash_command_line#trash-cli|trash-cli]] || command line trash | | [[Bash_command_line#trash-cli|trash-cli]] || command line trash | ||
|} | |} | ||
== [[amule|Amule]] == | |||
{{info | Amule is not available in Ubuntu 20.04 repository, you have manually download deb packages.}} | |||
<kode lang='bash'> | |||
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-daemon_2.3.2-6_arm64.deb | |||
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-common_2.3.2-6_all.deb | |||
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-utils_2.3.2-6_arm64.deb | |||
ai ./amule-daemon_2.3.2-6_arm64.deb ./amule-common_2.3.2-6_all.deb ./amule-utils_2.3.2-6_arm64.deb | |||
# test | |||
sc-status amule-daemon.service | |||
# create an amule user | |||
sudo useradd -r -d /var/lib/amule-daemon -s /usr/sbin/nologin amule | |||
sudo mkdir /var/lib/amule-daemon | |||
sudo chown amule:amule /var/lib/amule-daemon | |||
sc-restart amule-daemon.service | |||
# generate md5 hash from password | |||
echo -n 'password' | md5sum | cut -d ' ' -f1 | |||
</kode> | |||
<filebox fn='/etc/default/amule-daemon' lang='bash'> | |||
# The init.d script will only run if this variable non-empty. | |||
AMULED_USER="amule" | |||
# You can set this variable to make the daemon use an alternative HOME. | |||
# The daemon will use $AMULED_HOME/.aMule as the directory, so if you | |||
# want to have $AMULED_HOME the real root (with an Incoming and Temp | |||
# directories), you can do `ln -s . $AMULED_HOME/.aMule`. | |||
AMULED_HOME="/var/lib/amule-daemon" | |||
</filebox> | |||
<filebox fn='/var/lib/amule-daemon/.aMule/amule.conf' lang='ini'> | |||
Port=4662 | |||
UDPPort=4672 | |||
TempDir=/var/lib/amule-daemon/.aMule/Temp | |||
IncomingDir=/var/lib/amule-daemon/.aMule/Incoming | |||
[ExternalConnect] | |||
AcceptExternalConnections=1 | |||
ECPort=4712 | |||
ECPassword=MD5hash | |||
</filebox> | |||
Dernière version du 5 mai 2024 à 17:16
Links
Useful commande lignes
|
# updates adg # sudo apt update && sudo apt upgrade sudo snap refresh sudo reboot sudo poweroff |
APT (Advanced Package Tool)
zsh - oh my zsh
|
|
# install zsh apt install zsh zsh-syntax-highlighting # zsh install zsh-common # install oh-my-zsh and set zsh as default shell for the current user sh -c "$(wget -O- https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" |
| ~/.zshrc |
plugins=(
alias-finder
colored-man-pages
common-aliases
copybuffer
debian
extract
fd
git
ripgrep
sudo
systemd
wd)
# don't store in history commands prefixed with a space (test with: history | tail)
setopt HIST_IGNORE_SPACE
# add hostname to PROMPT only for ssh connection
if [[ -n $SSH_CONNECTION ]]; then
PROMPT="%m ${PROMPT}"
fi
# must be loaded last
source /usr/share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh
|
- zsh-antigen: plugin manager
- zsh-autosuggestions: autosuggestions
- zsh-syntax-highlighting: syntax highlighting
- zsh-theme-powerlevel9k: theme (deprecated)
netplan
| /etc/netplan/01-netcfg.yaml |
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: yes
# addresses: [192.168.0.x/24]
# gateway4: 192.168.0.y
nameservers:
addresses: [192.168.0.x, 192.168.0.y] # set multiple DNS servers
|
|
|
# test the configuration, the configuration is applied for 120 seconds then reverted sudo netplan try # apply changes sudo netplan apply # creates the file /run/systemd/network/10-netplan-eth0.network # check the DNS servers systemd-resolve --status | grep 'DNS Servers' -A2 # display current DHCP lease netplan ip leases [interface] # debugging the generation of the file /run/systemd/network/10-netplan-eth0.network sudo netplan --debug generate |
UFW configuration
|
|
sudo ufw allow OpenSSH # port 22 sudo ufw allow 'Nginx Full' # port 80 443 sudo ufw allow DNS # port 53 (dnsmasq) |
PHP 8+
|
|
sudo add-apt-repository ppa:ondrej/php sudo add-apt-repository ppa:ondrej/nginx-mainline # new features, updates, bugfixes sudo add-apt-repository ppa:ondrej/nginx # no new features, major bugfixes only, annual release sudo add-apt-repository ppa:ondrej/apache2 |
uWSGI
 |
Doesn't seem to work with PHP 8.2 and Ubuntu 20.04 |
|
With Ubuntu 20.04, ondrej ppa and PHP 8.2 installed, the following dependencies are wrongly installed: php7.4-cli php7.4-common php7.4-json php7.4-opcache php7.4-phpdbg php7.4-readline |
|
!!! UNABLE to load uWSGI plugin: libphp7.so: cannot open shared object file: No such file or directory !!! |
|
|
# better use --plugin option instead of the following workaround sudo ln -s /usr/lib/libphp8.so /usr/lib/libphp7.so |
MariaDB
|
|
ai mariadb-server # set root password, remove anonymous users, disallow root login remotely, remove test database sudo mysql_secure_installation # connection with unix_socket sudo mariadb |
Upgrade to MariaDB 11.1
|
|
# add MariaDB APT repository curl -LsS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash -s -- --mariadb-server-version=11.1 # stop the service, then uninstall the version 10.3, then install the version 11 sc-stop mariadb-server sudo apt remove mariadb-server ai mariadb-server mariadb -V # test |
PostgreSQL 15+
|
|
# add the postgre official package repository sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list' # import the GPG signing key for the repository wget -qO- https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo tee /etc/apt/trusted.gpg.d/pgdg.asc &>/dev/null # install specifically the version 15 instead of the meta-package postgresql to avoid unwanted upgrade ai postgresql-15 |
.NET
 |
On ARM, only manually installation is available (ref) |
|
|
# download ASP.NET Core Runtime wget https://download.visualstudio.microsoft.com/download/pr/53990197-c340-4514-b12f-a6c6580cc1b8/c25e55e6e23e7bc94701dc982525d66c/aspnetcore-runtime-7.0.13-linux-arm64.tar.gz # extract the archive in the dotnet folder mkdir dotnet tar xf aspnetcore-runtime-*-linux-arm64.tar.gz -C dotnet # backup old version sudo mv /usr/share/dotnet /usr/share/dotnet7.0.12 sudo mv dotnet /usr/share sudo chown root:root -R /usr/share/dotnet sudo ln -s /usr/share/dotnet/dotnet /usr/bin/dotnet dotnet --info # test # restart kestrel services sc-restart kestrel-myapp-webapi.service |
Cron
By default the standard output and error of cron jobs are sent by email to the current user.
With postfix installed, you can map system user like root to another mailbox with the /etc/aliases file.
The use of cronic allow to send an email only if the cron job fails.
Security
System user
|
|
sudo useradd -r -N -s /sbin/nologin [username] |
|
|
Applications
| Name | Version | Comment |
|---|---|---|
| btop | 1.2.13 | resource monitor (snap) |
| certbot | 2.6 | use snap (native 0.40) |
| Dovecot | 2.3.7.2 | Mail Delivery Agent |
| MariaDB | 11.1.2 | use MariaDB repository (native 10.3.38) |
| NGINX | 1.24 | use ondrej ppa (native 1.22) |
| PHP | 8.2.10 | use ondrej ppa (native 7.4.3) |
| Postfix | 3.4.13 | Mail Transfer Agent |
| PostgreSQL | 15.4 | use PDGD repository (native 12.15) |
| Ready Media | 1.2.1 | DLNA server |
| Roundcube | 1.6.2 | Webmail, use GitHub release (native 1.4.3) |
Shell tools
| Name | Description |
|---|---|
| bat | A cat clone with syntax highlighting and Git integration. batcat |
| du-dust | more intuitive du unable to install |
| exa | modern replacement for ls unable to install |
| fd-find | file name search tool |
| ripgrep | file content search tool |
| tldr | simplified and community-driven man pages |
| trash-cli | command line trash |
Amule
|
Amule is not available in Ubuntu 20.04 repository, you have manually download deb packages. |
|
|
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-daemon_2.3.2-6_arm64.deb wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-common_2.3.2-6_all.deb wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-utils_2.3.2-6_arm64.deb ai ./amule-daemon_2.3.2-6_arm64.deb ./amule-common_2.3.2-6_all.deb ./amule-utils_2.3.2-6_arm64.deb # test sc-status amule-daemon.service # create an amule user sudo useradd -r -d /var/lib/amule-daemon -s /usr/sbin/nologin amule sudo mkdir /var/lib/amule-daemon sudo chown amule:amule /var/lib/amule-daemon sc-restart amule-daemon.service # generate md5 hash from password echo -n 'password' | md5sum | cut -d ' ' -f1 |
| /etc/default/amule-daemon |
# The init.d script will only run if this variable non-empty. AMULED_USER="amule" # You can set this variable to make the daemon use an alternative HOME. # The daemon will use $AMULED_HOME/.aMule as the directory, so if you # want to have $AMULED_HOME the real root (with an Incoming and Temp # directories), you can do `ln -s . $AMULED_HOME/.aMule`. AMULED_HOME="/var/lib/amule-daemon" |
| /var/lib/amule-daemon/.aMule/amule.conf |
Port=4662 UDPPort=4672 TempDir=/var/lib/amule-daemon/.aMule/Temp IncomingDir=/var/lib/amule-daemon/.aMule/Incoming [ExternalConnect] AcceptExternalConnections=1 ECPort=4712 ECPassword=MD5hash |
