« Ubuntu arm 20.04 » : différence entre les versions

De Banane Atomic
Aller à la navigationAller à la recherche
 
Ligne 181 : Ligne 181 :


* [[Nginx#.Net_Core|NGINX configuration]]
* [[Nginx#.Net_Core|NGINX configuration]]
* [[Asp.net_core_7#Service_file|Kestrel systemd service]]
* [[Asp.net_core_8#Service_file|Kestrel systemd service]]


= [[Cron]] =
= [[Cron]] =

Dernière version du 5 mai 2024 à 17:16

Links

Useful commande lignes

Bash.svg 
# updates
adg  # sudo apt update && sudo apt upgrade
sudo snap refresh

sudo reboot
sudo poweroff

APT (Advanced Package Tool)

zsh - oh my zsh

Bash.svg 
# install zsh
apt install zsh zsh-syntax-highlighting
# zsh install zsh-common

# install oh-my-zsh and set zsh as default shell for the current user
sh -c "$(wget -O- https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
~/.zshrc 
plugins=(
    alias-finder
    colored-man-pages
    common-aliases
    copybuffer
    debian
    extract
    fd
    git
    ripgrep
    sudo
    systemd
    wd)

# don't store in history commands prefixed with a space (test with: history | tail)
setopt HIST_IGNORE_SPACE

# add hostname to PROMPT only for ssh connection
if [[ -n $SSH_CONNECTION ]]; then
    PROMPT="%m ${PROMPT}"
fi

# must be loaded last
source /usr/share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh

netplan

/etc/netplan/01-netcfg.yaml 
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: yes
      # addresses: [192.168.0.x/24]
      # gateway4: 192.168.0.y
      nameservers:
        addresses: [192.168.0.x, 192.168.0.y]  # set multiple DNS servers
Bash.svg 
# test the configuration, the configuration is applied for 120 seconds then reverted
sudo netplan try

# apply changes
sudo netplan apply
# creates the file /run/systemd/network/10-netplan-eth0.network

# check the DNS servers
systemd-resolve --status | grep 'DNS Servers' -A2

# display current DHCP lease
netplan ip leases [interface]

# debugging the generation of the file /run/systemd/network/10-netplan-eth0.network
sudo netplan --debug generate

UFW configuration

Bash.svg 
sudo ufw allow OpenSSH       # port 22
sudo ufw allow 'Nginx Full'  # port 80 443
sudo ufw allow DNS           # port 53 (dnsmasq)

PHP 8+

Bash.svg 
sudo add-apt-repository ppa:ondrej/php

sudo add-apt-repository ppa:ondrej/nginx-mainline  # new features, updates, bugfixes
sudo add-apt-repository ppa:ondrej/nginx           # no new features, major bugfixes only, annual release
sudo add-apt-repository ppa:ondrej/apache2

uWSGI

Doesn't seem to work with PHP 8.2 and Ubuntu 20.04
With Ubuntu 20.04, ondrej ppa and PHP 8.2 installed, the following dependencies are wrongly installed:
php7.4-cli php7.4-common php7.4-json php7.4-opcache php7.4-phpdbg php7.4-readline
 !!! UNABLE to load uWSGI plugin: libphp7.so: cannot open shared object file: No such file or directory !!!
Bash.svg 
# better use --plugin option instead of the following workaround
sudo ln -s /usr/lib/libphp8.so /usr/lib/libphp7.so

MariaDB

Bash.svg 
ai mariadb-server

# set root password, remove anonymous users, disallow root login remotely, remove test database
sudo mysql_secure_installation

# connection with unix_socket
sudo mariadb

Upgrade to MariaDB 11.1

Bash.svg 
# add MariaDB APT repository
curl -LsS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash -s -- --mariadb-server-version=11.1

# stop the service, then uninstall the version 10.3, then install the version 11
sc-stop mariadb-server
sudo apt remove mariadb-server
ai mariadb-server

mariadb -V  # test

PostgreSQL 15+

Bash.svg 
# add the postgre official package repository
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
# import the GPG signing key for the repository
wget -qO- https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo tee /etc/apt/trusted.gpg.d/pgdg.asc &>/dev/null

# install specifically the version 15 instead of the meta-package postgresql to avoid unwanted upgrade
ai postgresql-15

.NET

On ARM, only manually installation is available (ref)
Bash.svg 
# download ASP.NET Core Runtime
wget https://download.visualstudio.microsoft.com/download/pr/53990197-c340-4514-b12f-a6c6580cc1b8/c25e55e6e23e7bc94701dc982525d66c/aspnetcore-runtime-7.0.13-linux-arm64.tar.gz

# extract the archive in the dotnet folder
mkdir dotnet
tar xf aspnetcore-runtime-*-linux-arm64.tar.gz -C dotnet

# backup old version
sudo mv /usr/share/dotnet /usr/share/dotnet7.0.12
sudo mv dotnet /usr/share
sudo chown root:root -R /usr/share/dotnet
sudo ln -s /usr/share/dotnet/dotnet /usr/bin/dotnet

dotnet --info  # test

# restart kestrel services
sc-restart kestrel-myapp-webapi.service

Cron

By default the standard output and error of cron jobs are sent by email to the current user.
With postfix installed, you can map system user like root to another mailbox with the /etc/aliases file.
The use of cronic allow to send an email only if the cron job fails.

Security

System user

Bash.svg 
sudo useradd -r -N -s /sbin/nologin [username]
  • -r create a system account without home directory. Specify the -m options if you want a home directory to be created.
  • -N do not create a group with the same name as the user.
  • -s /sbin/nologin make the user unable to login.

Applications

Name Version Comment
btop 1.2.13 resource monitor (snap)
certbot 2.6 use snap (native 0.40)
Dovecot 2.3.7.2 Mail Delivery Agent
MariaDB 11.1.2 use MariaDB repository (native 10.3.38)
NGINX 1.24 use ondrej ppa (native 1.22)
PHP 8.2.10 use ondrej ppa (native 7.4.3)
Postfix 3.4.13 Mail Transfer Agent
PostgreSQL 15.4 use PDGD repository (native 12.15)
Ready Media 1.2.1 DLNA server
Roundcube 1.6.2 Webmail, use GitHub release (native 1.4.3)

Shell tools

Name Description
bat A cat clone with syntax highlighting and Git integration. batcat
du-dust more intuitive du unable to install
exa modern replacement for ls unable to install
fd-find file name search tool
ripgrep file content search tool
tldr simplified and community-driven man pages
trash-cli command line trash

Amule

Amule is not available in Ubuntu 20.04 repository, you have manually download deb packages.
Bash.svg 
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-daemon_2.3.2-6_arm64.deb
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-common_2.3.2-6_all.deb
wget https://old-releases.ubuntu.com/ubuntu/pool/universe/a/amule/amule-utils_2.3.2-6_arm64.deb

ai ./amule-daemon_2.3.2-6_arm64.deb ./amule-common_2.3.2-6_all.deb ./amule-utils_2.3.2-6_arm64.deb

# test
sc-status amule-daemon.service

# create an amule user
sudo useradd -r -d /var/lib/amule-daemon -s /usr/sbin/nologin amule
sudo mkdir /var/lib/amule-daemon
sudo chown amule:amule /var/lib/amule-daemon
sc-restart amule-daemon.service

# generate md5 hash from password
echo -n 'password' | md5sum | cut -d ' ' -f1
/etc/default/amule-daemon 
# The init.d script will only run if this variable non-empty.
AMULED_USER="amule"

# You can set this variable to make the daemon use an alternative HOME.
# The daemon will use $AMULED_HOME/.aMule as the directory, so if you
# want to have $AMULED_HOME the real root (with an Incoming and Temp
# directories), you can do `ln -s . $AMULED_HOME/.aMule`.
AMULED_HOME="/var/lib/amule-daemon"
/var/lib/amule-daemon/.aMule/amule.conf 
Port=4662
UDPPort=4672
TempDir=/var/lib/amule-daemon/.aMule/Temp
IncomingDir=/var/lib/amule-daemon/.aMule/Incoming

[ExternalConnect]
AcceptExternalConnections=1
ECPort=4712
ECPassword=MD5hash
Récupérée de « http://wiki.bananeatomic.fr/index.php?title=Ubuntu_arm_20.04&oldid=30654 »