RoE | Wiki

User Tools

Site Tools

Trace:
distros:fedora_server

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
distros:fedora_server [2019/02/13 18:44] Sean Rhonedistros:fedora_server [2019/06/28 12:24] Sean Rhone
Line 1: Line 1:
 +====== Information ======
  
 +  * Fedora Server ((https://getfedora.org/en/server))
 +  * 30
 +
 +====== Download ======
 +
 +  * https://getfedora.org/en/server/download
 +
 +====== DNF ======
 +
 +  * Disables Delta RPMs with ''deltarpm=false''
 +
 +  cat '/etc/dnf/dnf.conf' | grep 'deltarpm=false' || echo 'deltarpm=false' | sudo tee --append '/etc/dnf/dnf.conf' > '/dev/null' && cat '/etc/dnf/dnf.conf'
 +
 +====== Software ======
 +
 +===== Update =====
 +
 +****
 +
 +  sudo dnf clean 'all' && sudo dnf distro-sync -y && sudo dnf autoremove -y && sync
 +
 +===== GNU nano =====
 +
 +  * Installs ''nano''
 +  * Sets ''VISUAL'' and ''EDITOR'' to ''nano'' via environment variable
 +  * Sets ''nowrap'' for current user
 +
 +  sudo dnf install 'nano' -y && export 'VISUAL=nano' && export 'EDITOR=nano' && echo -e 'export VISUAL=nano\nexport EDITOR=nano' | sudo tee '/etc/profile.d/editor-nano.sh' > '/dev/null' && cat '/etc/profile.d/editor-nano.sh' && mkdir -p ~/'.config/nano' && echo 'set nowrap' | tee ~/'.config/nano/nanorc' > '/dev/null' && cat ~/'.config/nano/nanorc'
 +
 +===== General =====
 +
 +  sudo dnf install htop
 +
 +  p7zip unar aria2
 +
 +  policycoreutils-devel
 +
 +====== USB Backups ======
 +
 +===== Drive Mount =====
 +
 +  * Expects single-partition flash drive with ext4
 +  * TODO: If multiple drives beyond sda main and sdb USB are ever involved, use UUID instead
 +
 +  sudo mkdir -p '/mnt/USB' && sudo -e '/etc/fstab'
 +
 +  # USB Backup
 +  /dev/sdb1 /mnt/USB ext4 defaults 0 2
 +
 +===== Service =====
 +
 +  mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/usb-b.service'
 +
 +  [Service]
 +  Type=oneshot
 +  ExecStart='/usr/bin/rsync' -r '/home/espionage724/backups' '/mnt/USB' -v --ignore-existing
 +
 +===== Timer =====
 +
 +  * See server-specific configurations to make use of this
 +
 +  sudo -e '/etc/systemd/system/usb-b.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'usb-b.timer' --now
 +
 +  [Unit]
 +  Description=USB Backup
 +  
 +  [Timer]
 +  OnCalendar=*-*-* 04:00:00
 +  Persistent=true
 +  
 +  [Install]
 +  WantedBy=timers.target
 +
 +===== SELinux =====
 +
 +==== Switch to Permissive ====
 +
 +****
 +
 +  sudo setenforce '0'
 +
 +==== Clear Audit Log ====
 +
 +  su
 +
 +  > '/var/log/audit/audit.log'
 +
 +==== Start Services ====
 +
 +****
 +
 +  sudo systemctl start 'usb-b'
 +
 +==== Create Policy ====
 +
 +****
 +
 +  sudo audit2allow -a -M 'usb-b'
 +
 +==== Install Policy ====
 +
 +****
 +
 +  sudo semodule -i 'usb-b.pp'
 +
 +==== Switch to Enforcing ====
 +
 +****
 +
 +  sudo setenforce '1'
 +
 +==== Clean Up ====
 +
 +****
 +
 +  sudo rm usb-b.pp usb-b.te && sync
 +
 +====== Automatic Updates ======
 +
 +===== Service =====
 +
 +  * TODO: If this ever fails because of the modular repo not being available, look into auto-restart
 +
 +  sudo -e '/etc/systemd/system/fedora-up.service'
 +
 +<code>
 +[Service]
 +Type=oneshot
 +ExecStartPre='/usr/bin/dnf' clean 'all'
 +ExecStart='/usr/bin/dnf' distro-sync -y
 +ExecStart='/usr/bin/dnf' autoremove -y
 +ExecStartPost='/usr/bin/sync'
 +ExecStartPost='/usr/bin/systemctl' reboot</code>
 +
 +===== Timer =====
 +
 +  * 06:10 Kraityn
 +  * 06:20 Alira
 +  * 06:30 Oak
 +
 +  sudo -e '/etc/systemd/system/fedora-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'fedora-up.timer' --now
 +
 +<code>
 +[Unit]
 +Description=Software Package Maintenance and Updater
 +After=network-online.target
 +Wants=network-online.target
 +
 +[Timer]
 +OnCalendar=*-*-* 06:10:00
 +Persistent=true
 +
 +[Install]
 +WantedBy=timers.target</code>
 +
 +====== Notable Folders and Commands ======
 +
 +===== YUM/DNF Repos =====
 +
 +****
 +
 +  /etc/yum.repos.d
 +
 +===== fstrim =====
 +
 +****
 +
 +  sudo fstrim -v --all
 +
 +===== SELinux Re-label =====
 +
 +****
 +
 +  sudo touch '/.autorelabel'
 +
 +===== Show CPU Frequency =====
 +
 +  grep 'MHz' '/proc/cpuinfo'
 +
 +  watch -n 0.1 grep \'cpu MHz\' '/proc/cpuinfo'
 +
 +===== Partition Information =====
 +
 +****
 +
 +  df -hT
 +
 +===== Optimal GCC compiler flags =====
 +
 +****
 +
 +  gcc -v -E -x c -march=native -mtune=native - < /dev/null 2>&1 | grep cc1 | perl -pe 's/ -mno-\S+//g; s/^.* - //g;'
 +
 +===== FirewallD =====
 +
 +==== List Active Rules ====
 +
 +****
 +
 +  sudo firewall-cmd --list-all
 +
 +==== List Available Services ====
 +
 +****
 +
 +  sudo firewall-cmd --get-service
 +
 +==== Reload ====
 +
 +****
 +
 +  sudo firewall-cmd --reload
 +
 +==== Add/Remove Service ====
 +
 +  * Add ''--permanent'' as-needed to allow the rule to persist
 +
 +  sudo firewall-cmd --add-service=x
 +
 +  sudo firewall-cmd --remove-service=x
 +
 +==== Add/Remove Port ====
 +
 +  * Add ''--permanent'' as-needed to allow the rule to persist
 +  * Change ''tcp'' to ''udp'' as-needed
 +
 +  sudo firewall-cmd --add-port=x/tcp
 +
 +  sudo firewall-cmd --remove-port=x/tcp
/var/www/wiki/data/pages/distros/fedora_server.txt · Last modified: 2024/02/05 15:40 by Sean Rhone