From cd248b7573dcd45cb0d5c57994a6786ee16101cb Mon Sep 17 00:00:00 2001 From: Matt Birkholz Date: Mon, 26 Feb 2024 17:44:10 -0700 Subject: [PATCH] Update pre-provisioning to install all desired Debian (12) packages. --- README.org | 48 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 35 insertions(+), 13 deletions(-) diff --git a/README.org b/README.org index 6810366..d14d042 100644 --- a/README.org +++ b/README.org @@ -1062,17 +1062,25 @@ With Debian freshly installed, Core needed several additional software packages. The administrator temporarily plugged Core into a cable modem and installed them as shown below. -: $ sudo apt install openssh-server rsync isc-dhcp-server netplan.io \ -: _ bind9 fetchmail openvpn apache2 +: $ sudo apt install netplan.io systemd-resolved unattended-upgrades \ +: _ ntp isc-dhcp-server bind9 apache2 openvpn \ +: _ postfix dovecot-imapd fetchmail expect rsync \ +: _ gnupg openssh-server The Nextcloud configuration requires Apache2, MariaDB and a number of PHP modules. Installing them while Core was on a cable modem sped up final configuration "in position" (on a frontier). -: $ sudo apt install mariadb-server php php-{bcmath,curl,gd,gmp,json}\ -: _ php-{mysql,mbstring,intl,imagick,xml,zip} \ +: $ sudo apt install mariadb-server php php-{apcu,bcmath,curl,gd,gmp}\ +: _ php-{json,mysql,mbstring,intl,imagick,xml,zip} \ : _ libapache2-mod-php +Similarly, the NAGIOS configuration requires a handful of packages +that were pre-loaded via cable modem (to test a frontier deployment). + +: $ sudo apt install nagios4 monitoring-plugins-basic lm-sensors \ +: _ nagios-nrpe-plugin + Next, the administrator concatenated a personal public ssh key and the key found in [[file:Secret/ssh_admin/][=Secret/ssh_admin/=]] (created by [[*The CA Command][The CA Command]]) into an =admin_keys= file, copied it to Core, and installed it as the @@ -1207,7 +1215,9 @@ With Debian freshly installed, Gate needed a couple additional software packages. The administrator temporarily plugged Gate into a cable modem and installed them as shown below. -: $ sudo apt install openssh-server isc-dhcp-server netplan.io +: $ sudo apt install netplan.io systemd-resolved unattended-upgrades \ +: _ ufw isc-dhcp-server postfix openvpn \ +: _ openssh-server Next, the administrator concatenated a personal public ssh key and the key found in [[file:Secret/ssh_admin/][=Secret/ssh_admin/=]] (created by [[*The CA Command][The CA Command]]) into an @@ -6989,9 +6999,12 @@ After Debian is installed (as detailed in [[*A Test Machine][A Test Machine]]) a machine rebooted, the administrator logs in and installs several additional software packages. +# Similar lists are given in "The Gate Machine" and should be +# kept up-to-date. + #+BEGIN_SRC sh -sudo apt install netplan.io ufw unattended-upgrades postfix \ - isc-dhcp-server openvpn +sudo apt install netplan.io systemd-resolved unattended-upgrades \ + ufw isc-dhcp-server postfix openvpn #+END_SRC Again, the Postfix installation prompts for a couple settings. The @@ -7052,13 +7065,22 @@ After Debian is installed (as detailed in [[*A Test Machine][A Test Machine]]) a machine rebooted, the administrator logs in and installs several additional software packages. -#+BEGIN_SRC sh -sudo apt install netplan.io unattended-upgrades postfix \ - isc-dhcp-server bind9 fetchmail gnupg \ - expect dovecot-imapd apache2 openvpn -#+END_SRC +# Similar lists are given in "The Core Machine" and should be +# kept up-to-date. -Again, the Postfix installation prompts for a couple settings. The +#+BEGIN_SRC sh +sudo apt install netplan.io systemd-resolved unattended-upgrades \ + ntp isc-dhcp-server bind9 apache2 openvpn \ + postfix dovecot-imapd fetchmail expect rsync \ + gnupg +sudo apt install mariadb-server php php-{apcu,bcmath,curl,gd,gmp}\ + php-{json,mysql,mbstring,intl,imagick,xml,zip} \ + libapache2-mod-php +sudo apt install nagios4 monitoring-plugins-basic lm-sensors \ + nagios-nrpe-plugin +#+END_SRC + +Again the Postfix installation prompts for a couple settings. The defaults, listed below, are fine. - General type of mail configuration: Internet Site -- 2.25.1