RoE | Wiki

User Tools

Site Tools

Trace: fedora_server
distros:fedora_server

Table of Contents

Information

  • Fedora Server 1)
  • 38

Download

Installation Notes

  • TODO, keep Fedora Server selected, check Headless Tools, switch to ext4 but keep eyes on XFS development after maintainer ordeal

HOSTS

Initial

  • Only run once
ls '/etc/hosts~' || wget -O '/tmp/hosts-tmp' 'https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-porn-social/hosts' && sudo cp --backup '/tmp/hosts-tmp' '/etc/hosts' && sudo restorecon -F -I -R '/etc/hosts' && sync

Update

ls '/etc/hosts~' && wget -O '/tmp/hosts-tmp' 'https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-porn-social/hosts' && sudo mv --force '/tmp/hosts-tmp' '/etc/hosts' && sudo restorecon -F -I -R '/etc/hosts' && sync

Restore Backup

ls '/etc/hosts~' && sudo restorecon -F -I -R '/etc/hosts~' && sudo mv --force '/etc/hosts~' '/etc/hosts' && sync

DNF

  • Disables Delta RPMs with deltarpm=false
echo 'deltarpm=false' | sudo tee --append '/etc/dnf/dnf.conf' > '/dev/null' && cat '/etc/dnf/dnf.conf' | grep 'deltarpm=false'
sudo -e '/etc/dnf/dnf.conf'

Software

Update

sudo dnf autoremove -y && sudo dnf distro-sync -y && sync

Firmware

sudo fwupdmgr refresh --force && sudo fwupdmgr update --verbose

GNU nano

  • Installs nano
  • Sets VISUAL and EDITOR to nano via environment variable
  • Sets nowrap for current user
sudo dnf install 'nano' -y && export 'VISUAL=nano' && export 'EDITOR=nano' && echo -e 'export VISUAL=nano\nexport EDITOR=nano' | sudo tee '/etc/profile.d/editor-nano.sh' > '/dev/null' && cat '/etc/profile.d/editor-nano.sh' && mkdir -p ~/'.config/nano' && echo 'set nowrap' | tee ~/'.config/nano/nanorc' > '/dev/null' && cat ~/'.config/nano/nanorc'

General

  • TODO: policycoreutils-devel provided something for CLI SELinux auditing, but it seems easier to GUI-audit from Cockpit without that package?
sudo dnf install irqbalance aria2 binutils hdparm htop kernel-tools lm_sensors openssl1.1 p7zip p7zip-plugins unar wget
policycoreutils-devel

Settings

Laptop Server

  • This tells systemd to ignore Lid close events and prevents system suspend 2)
sudo mkdir -p '/etc/systemd/logind.conf.d' && echo -e "[Login]\nHandleLidSwitch=ignore" | sudo tee '/etc/systemd/logind.conf.d/99-laptop-server.conf' > '/dev/null'
sudo -e '/etc/systemd/logind.conf.d/99-laptop-server.conf'

Network

  • Use systemd-resolved for DNS as it caches
  • :!: Until systemd-resolver is enabled, setting localhost for DNS fails; don't set this in Anaconda
  • TODO: Figure out command-line method for setting this; use Cockpit in the meantime

DNS

127.0.0.1
::1

systemd-resolved

sudo mkdir -p '/etc/systemd/resolved.conf.d' && sudo -e '/etc/systemd/resolved.conf.d/99-dns-over-tls.conf'
[Resolve]
DNS=1.1.1.2#security.cloudflare-dns.com 1.0.0.2#security.cloudflare-dns.com 2606:4700:4700::1112#security.cloudflare-dns.com 2606:4700:4700::1002#security.cloudflare-dns.com
DNSOverTLS=yes

Kernel Options

Magic SysRq key

echo 'kernel.sysrq = 1' | sudo tee '/etc/sysctl.d/99-sysrq.conf' > '/dev/null' && cat '/etc/sysctl.d/99-sysrq.conf'

Swappiness

echo 'vm.swappiness = 0' | sudo tee '/etc/sysctl.d/99-swappiness.conf' > '/dev/null' && cat '/etc/sysctl.d/99-swappiness.conf'

Dracut

  • System-specific boot optimization
  • :!: Be sure to undo this if planning on booting the same disk install on different hardware, notably for servers
  • :!: This may become deprecated with systemd-boot and F39
sudo -e '/etc/dracut.conf.d/99-custom.conf' && sudo dracut --force --regenerate-all
compress="cat"
do_strip="yes"
aggressive_strip="yes"
hostonly="yes"
hostonly_mode="strict"
fileloglvl="0"
sysloglvl="0"
stdloglvl="0"

Undo

sudo rm -f '/etc/dracut.conf.d/99-custom.conf' && sudo dracut --force --regenerate-all && sync

GRUB

Config

sudo grubby --update-kernel='ALL' --args=''

Hostname

  • Change x to computer name
  • Likely not needed if set through Anaconda
hostnamectl set-hostname 'x'

lm_sensors

sudo sensors-detect --auto
sudo -e '/etc/sysconfig/lm_sensors'

Secure Shell

  • See Client notes to generate/restore public key

Drive Maintenance

Trim

sudo systemctl enable 'fstrim.timer' --now && sudo systemctl start 'fstrim' && sync && sudo systemctl status 'fstrim' -l

UTC

  • System time - ArchWiki
  • Set RTC to UTC
  • :!: Needed if Windows is installed first
  • :!: Windows should also be set to UTC
sudo timedatectl set-local-rtc '0'

Verify

timedatectl | grep local

Automatic Updates

Service

sudo -e '/etc/systemd/system/fedora-up.service'
[Service]
Type=oneshot
ExecStartPre='/usr/bin/dnf' clean 'all'
ExecStart='/usr/bin/dnf' distro-sync -y
ExecStart='/usr/bin/dnf' autoremove -y
ExecStartPost='/usr/bin/sync'
ExecStartPost='/usr/bin/systemctl' reboot

Timer

  • 06:10 Kraityn
  • 06:20 Alira
  • 06:30 Oak
sudo -e '/etc/systemd/system/fedora-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'fedora-up.timer' --now
[Unit]
Description=Software Package Maintenance and Updater
After=network-online.target
Wants=network-online.target

[Timer]
OnCalendar=*-*-* 06:30:00
Persistent=true

[Install]
WantedBy=timers.target

Notable Folders and Commands

Firewalld

1)
https://getfedora.org/en/server
2)
2023/07/14: Oak was changed from a Phenom II X4 desktop to a X230 laptop; no more NAS but it was rarely-used and I have external drives
/var/www/wiki/data/pages/distros/fedora_server.txt · Last modified: 2023/09/13 05:42 by Sean Rhone