Skip to content

1. Copy Paste Linux

Jump to bottom Edit New page
lucian voinea edited this page May 25, 2016 · 47 revisions

Copy/Paste Linux

Install ubuntu 14 (LTS)

Follow the wizard 😉

SSH install

sudo apt-get update
sudo apt-get install nano openssh-server

Configure network and hostname

Update network configuration to use a static IP address

sudo nano /etc/network/interfaces_home

File content:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto enp0s3
iface enp0s3 inet static
address 192.168.0.30
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
dns-nameservers 192.168.0.1

Update hosts

sudo nano /etc/hosts_home

File content:

127.0.0.1      localhost
192.168.0.30    dev

sudo nano /etc/network/interfaces_work

File content:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto enp0s3
iface enp0s3 inet static
address 192.168.1.130
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
dns-nameservers 192.168.1.1

Update hosts

sudo nano /etc/hosts_work

File content:

127.0.0.1      localhost
192.168.1.130    dev

sudo nano /etc/network/interfaces_host_only

File content:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto enp0s3
iface enp0s3 inet dhcp

# The secondary network interface
auto enp0s8
iface enp0s8 inet static
address 192.168.56.101
netmask 255.255.255.0
network 192.168.56.0
broadcast 192.168.56.255

Update hosts

sudo nano /etc/hosts_host_only

File content:

127.0.0.1      localhost
192.168.56.101    dev

Update hostname

sudo nano /etc/hostname

File content:

dev

sudo service hostname restart

Both should show dev now

sudo hostname
sudo hostname -f

Switch between interfaces

sudo nano /etc/bash.bashrc

Append to configuration file:

alias activate_home='sudo cp /etc/network/interfaces_home /etc/network/interfaces && sudo cp /etc/hosts_home /etc/hosts && sudo ifdown -a && sudo ifup -a'

alias activate_work='sudo cp /etc/network/interfaces_work /etc/network/interfaces && sudo cp /etc/hosts_work /etc/hosts && sudo ifdown -a && sudo ifup -a'

alias activate_host_only='sudo cp /etc/network/interfaces_host_only /etc/network/interfaces && sudo cp /etc/hosts_host_only /etc/hosts && sudo ifdown -a && sudo ifup -a'

alias byebye='sudo shutdown -h now'

Reboot to take effect

sudo reboot

Activate home network

activate_home

Disable ipv6

sudo nano /etc/sysctl.conf

Append to configuration file:

# IPv6 disabled
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
sudo sysctl -p

Install updates and reboot

Update the apt package database

sudo apt-get update

Install the latest updates

sudo apt-get upgrade

Reboot

sudo reboot

SSH config

sudo nano /etc/ssh/sshd_config

Update existing settings:

Port 1022
PermitRootLogin no

ChallengeResponseAuthentication no
GSSAPIAuthentication no
RSAAuthentication no
RhostsRSAAuthentication no
KerberosAuthentication no

PasswordAuthentication yes
PubkeyAuthentication yes

Append to configuration file:

MaxAuthTries 2
UseDNS no
AddressFamily inet

Restart service

sudo service ssh restart
Login with PUTTY

Remember sudo password

sudo nano /etc/sudoers.d/vexxx

File content:

vexxx ALL=(ALL) NOPASSWD: ALL

Change the default shell to bash <-- No

sudo dpkg-reconfigure dash

Disable AppArmor

You don't need it to configure a secure system, and it usually causes more problems than advantages

# stop service
sudo service apparmor stop

# remove from startup
sudo update-rc.d -f apparmor remove

# uninstall
sudo apt-get remove apparmor apparmor-utils

Synchronize the system clock with a NTP (network time protocol) server over the Internet

sudo apt-get install ntp ntpdate

Enable firewall

sudo apt-get install ufw
sudo nano /etc/default/ufw

Update the configuration file:

IPV6=no

sudo ufw enable
sudo ufw allow 1022
sudo ufw default deny
// HTTP ports
sudo ufw allow 80 && sudo ufw allow 1080 && sudo ufw allow 443
// MySQL ports
sudo ufw allow 1306
// Email ports
sudo ufw allow 465 && sudo ufw allow 25 && sudo ufw allow 587 && sudo ufw allow 143 && sudo ufw allow 993 && sudo ufw allow 110 && sudo ufw allow 995

Install MySQL

sudo apt-get install mysql-server-5.7
sudo mysql_secure_installation
sudo nano /etc/mysql/conf.d/dev.cnf

File content:

[mysqld]

#The server's default character set.
character-set-server=utf8

#The server's default collation.
collation-server=utf8_general_ci

# Change default port
port=1306

# Disable DNS lookup
skip-name-resolve

bind-address = 0.0.0.0

sudo nano /etc/mysql/my.cnf

Append to configuration file:

!include /etc/mysql/conf.d/dev.cnf
sudo service mysql restart

Check is MySQL is using the corect port

sudo netstat -tapln

Install webserver

sudo add-apt-repository ppa:ondrej/apache2
sudo apt-get update

sudo apt-get install apache2
sudo nano /etc/apache2/sites-available/dev.conf

File content:

ServerName dev

# For HTTPS Support
Protocols h2 http/1.1

# For HTTP Support
Protocols h2c http/1.1

<VirtualHost *:80>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/vhosts/dev/web
        ErrorLog ${APACHE_LOG_DIR}/dev-error.log
        CustomLog ${APACHE_LOG_DIR}/dev-access.log combined
</VirtualHost>

<Directory "/var/www/vhosts/dev/web">

        Options FollowSymlinks
        AllowOverride None
        Require all granted

        <IfModule mod_dir.c>
            DirectoryIndex app.php
        </IfModule>

        <IfModule mod_negotiation.c>
                Options -MultiViews
        </IfModule>

        <IfModule mod_rewrite.c>
                RewriteEngine On

                RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
                RewriteRule ^(.*) - [E=BASE:%1]

                RewriteCond %{HTTP:Authorization} .
                RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

                RewriteCond %{ENV:REDIRECT_STATUS} ^$
                RewriteRule ^app\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]

                RewriteCond %{REQUEST_FILENAME} -f
                RewriteRule ^ - [L]

                RewriteRule ^ %{ENV:BASE}/app.php [L]
        </IfModule>

        <IfModule !mod_rewrite.c>
                <IfModule mod_alias.c>
                        RedirectMatch 302 ^/$ /app.php/
                </IfModule>
        </IfModule>

</Directory>

Configuration for dev branch

sudo nano /etc/apache2/sites-available/dev-develop.conf

File content:

<VirtualHost *:1080>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/vhosts/dev-develop/web
        ErrorLog ${APACHE_LOG_DIR}/dev-develop-error.log
        CustomLog ${APACHE_LOG_DIR}/dev-develop-access.log combined
</VirtualHost>

<Directory "/var/www/vhosts/dev-develop/web">

        Options FollowSymlinks
        AllowOverride None
        Require all granted

        DirectoryIndex app.php

        <IfModule mod_negotiation.c>
                Options -MultiViews
        </IfModule>

        <IfModule mod_rewrite.c>
                RewriteEngine On

                RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
                RewriteRule ^(.*) - [E=BASE:%1]

                RewriteCond %{HTTP:Authorization} .
                RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

                RewriteCond %{ENV:REDIRECT_STATUS} ^$
                RewriteRule ^app\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]

                RewriteCond %{REQUEST_FILENAME} -f
                RewriteRule ^ - [L]

                RewriteRule ^ %{ENV:BASE}/app.php [L]
        </IfModule>

        <IfModule !mod_rewrite.c>
                <IfModule mod_alias.c>
                        RedirectMatch 302 ^/$ /app.php/
                </IfModule>
        </IfModule>

</Directory>

sudo a2enmod rewrite
sudo a2enmod http2

sudo a2ensite dev
sudo a2ensite dev-develop
sudo a2dissite 000-default

sudo service apache2 restart
sudo service apache2 reload
sudo nano /etc/apache2/ports.conf

Append to configuration file:

Listen 1080

Location for main configuration file

sudo nano /etc/apache2/apache2.conf

Install PHP and modules

sudo add-apt-repository ppa:ondrej/php
sudo apt-get update

sudo apt-get install libapache2-mod-php7.0 php7.0 php7.0-mysql php7.0-imap php7.0-intl php7.0-mcrypt php7.0-curl php7.0-xml php-apcu

sudo apt-get install libapache2-mod-php5 php5 php5-mysql php5-imap php5-intl php5-mcrypt php5-apcu php5-curl
sudo phpenmod mcrypt

sudo php5enmod mcrypt
# sudo php5dismod xdebug
sudo nano /etc/php/7.0/mods-available/dev.ini

sudo nano /etc/php5/mods-available/dev.ini

File content:

; DEV configuration
; priority=40

session.name = __utnd
date.timezone = Europe/Bucharest

short_open_tag = Off
magic_quotes_gpc = Off
register_globals = Off
session.autostart = Off

expose_php = Off

max_execution_time = 30
max_input_time = 30

; xdebug.max_nesting_level = 250
sudo phpenmod dev
# sudo ln -s /etc/php/mods-available/dev.ini /etc/php/7.0/apache2/conf.d/40-dev.ini

sudo php5enmod dev
sudo nano /etc/php/7.0/mods-available/apcu.ini

sudo nano /etc/php5/mods-available/apcu.ini

Append to configuration file:

apc.enabled = 1
apc.enable_cli = 0
apc.shm_size = 32M
apc.enable_opcode_cache = 0
sudo nano /etc/php/7.0/mods-available/opcache.ini

sudo nano /etc/php5/mods-available/opcache.ini

Append to configuration file:

opcache.memory_consumption = 512
opcache.max_accelerated_files = 50000
sudo service apache2 restart
sudo service apache2 reload

Install composer

curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin --filename=composer

Install git

sudo apt-get install git
sudo adduser git
sudo passwd git
su git
cd
mkdir .ssh
touch .ssh/authorized_keys
chmod 700 .ssh
chmod 640 .ssh/authorized_keys
exit

# Client Side

ssh-keygen -t rsa -C "[email protected]"
cat ~/.ssh/id_rsa.pub | ssh -p 1022 [email protected] 'cat >> .ssh/authorized_keys'

# Server Side

Remove git password and shell

sudo passwd -d git
sudo nano /etc/passwd

Append to configuration file:

git:x:1001:1001:,,,:/home/git:/usr/bin/git-shell

sudo apt-get install acl
sudo mkdir /var/www/vhosts
sudo mkdir /var/www/vhosts/dev
sudo setfacl -R -m u:git:rwX -m u:root:rwX /var/www/vhosts/dev
sudo setfacl -dR -m u:git:rwX -m u:root:rwX /var/www/vhosts/dev

sudo mkdir /var/www/vhosts/dev-develop
sudo setfacl -R -m u:git:rwX -m u:root:rwX /var/www/vhosts/dev-develop
sudo setfacl -dR -m u:git:rwX -m u:root:rwX /var/www/vhosts/dev-develop
sudo mkdir /var/git
sudo mkdir /var/git/vhosts
sudo mkdir /var/git/vhosts/dev
sudo setfacl -R -m u:git:rwX -m u:root:rwX /var/git/vhosts/dev
sudo setfacl -dR -m u:git:rwX -m u:root:rwX /var/git/vhosts/dev
cd /var/git/vhosts/dev
sudo git init --bare
sudo nano hooks/post-receive

File content:

#!/bin/sh
#GIT_WORK_TREE=/var/www/vhosts/dev git checkout -f

while read oldrev newrev ref
do
    branch=`echo $ref | cut -d/ -f3`

    if [ "master" == "$branch" ]; then
        git --work-tree=/var/www/vhosts/dev checkout -f $branch
        if git diff --name-only $oldrev $newrev | grep -q '.scss$'; then
            gulp --cwd=/var/www/vhosts/dev/bin  compileScss
        fi
    fi

    if [ "develop" == "$branch" ]; then
        git --work-tree=/var/www/vhosts/dev-develop checkout -f $branch
        if git diff --name-only $oldrev $newrev | grep -q '.scss$'; then
            gulp --cwd=/var/www/vhosts/dev-develop/bin  compileScss
        fi
    fi
done
sudo chmod +x hooks/post-receive

# Client Side

# Install PHP

# Run laters installer then replace the folder with latest source

# extension_dir = "ext"

# extension=php_pdo_sqlite.dll

# extension=php_curl.dll

# extension=php_openssl.dll

# extension=php_gd2.dll

# date.timezone = Europe/Bucharest

# Install VC11 http://www.microsoft.com/en-us/download/details.aspx?id=30679

vim ~/.ssh/config

File content:

Host 192.168.0.30
    Port 1022

# Git CMD
cd c:\www
php -r "file_put_contents('symfony', file_get_contents('https://symfony.com/installer'));"

# Git Bash
php symfony new dev 3.0.1
# git clone git://github.com/symfony/symfony-standard.git --branch master --single-branch /c/www/dev
git clone [email protected]:/var/git/vhosts/dev /c/www/tmp
rm -Rf /c/www/dev/.git
mv /c/www/tmp/.git /c/www/dev
rm -Rf /c/www/tmp
cd /c/www/dev
git config core.autocrlf false
git remote -v
git remote add origin_home [email protected]:/var/git/vhosts/dev
git remote add origin_work [email protected]:/var/git/vhosts/dev
git remote add origin_host_only [email protected]:/var/git/vhosts/dev
git remote rm origin

# Client Side

# Create PhpStorm project from source

# Install and activate symfony and annotation plugin

.gitignore

Append to configuration file:

/bin/
!/bin/console
!/bin/symfony_requirements

/.idea/
/nbproject/
/composer.lock

composer.json

Change configuration file:

"symfony-assets-install": "hard"

# add, commit, push

# Server side

cd /var/www/vhosts/dev
sudo setfacl -R -m u:"www-data":rwX var
sudo setfacl -dR -m u:"www-data":rwX var
sudo composer update --prefer-source
cd /var/www/vhosts/dev-develop
sudo setfacl -R -m u:"www-data":rwX var
sudo setfacl -dR -m u:"www-data":rwX var
sudo composer update --prefer-source
Add a custom footer
Add a custom sidebar
Clone this wiki locally