Differences

This shows you the differences between two versions of the page.

--- distros:opensuse_tumbleweed_server [2022/05/14 00:39] – [General] Sean Rhone
+++ distros:opensuse_tumbleweed_server [2023/08/27 13:36] – Sean Rhone
@@ Line 1: / Line 1: @@
-====== Information ======
-  * openSUSE ((https://www.opensuse.org))
-  * Tumbleweed ((https://en.opensuse.org/Portal:Tumbleweed))
-  * Server
-====== Download ======
-  * http://download.opensuse.org/tumbleweed/iso/
-===== DVD + Xfce Live =====
-  * Downloads the latest DVD and Xfce Live images
-  cd ~/'Downloads' && aria2c 'https://download.opensuse.org/tumbleweed/iso/openSUSE-Tumbleweed-XFCE-Live-x86_64-Current.iso' && aria2c 'http://download.opensuse.org/tumbleweed/iso/openSUSE-Tumbleweed-DVD-x86_64-Current.iso' && aria2c 'https://download.opensuse.org/tumbleweed/iso/openSUSE-Tumbleweed-DVD-x86_64-Current.iso.sha256' && sha256sum ~/'Downloads/openSUSE-Tumbleweed-DVD-x86_64-'*'-Media.iso' && cat ~/'Downloads/openSUSE-Tumbleweed-DVD-x86_64-'*'-Media.iso.sha256' && sync
-===== DVD =====
-  * ISO and SHA256 hash
-  http://download.opensuse.org/tumbleweed/iso/openSUSE-Tumbleweed-DVD-x86_64-Current.iso
-  https://download.opensuse.org/tumbleweed/iso/openSUSE-Tumbleweed-DVD-x86_64-Current.iso.sha256
-===== Xfce =====
-  * For LiveUSB
-  https://download.opensuse.org/tumbleweed/iso/openSUSE-Tumbleweed-XFCE-Live-x86_64-Current.iso
-====== Installation Notes ======
-  * ''EFI/opensuse/grubx64.efi'' ((EFI file to boot and in the case of Acer laptops, add to SecureBoot trust; doesn't matter if SecureBoot is enabled or not))
-===== Partitioning =====
-  - XFS
-  - No separate ''/home''
-  - Separate ''swap''
-====== Repositories ======
-===== ROCm =====
-  * https://docs.amd.com/
-  * Repository Priority: 98
-  * Provides ROCm, notably OpenCL libraries
-  sudo rpm --import 'https://repo.radeon.com/rocm/rocm.gpg.key' && sudo zypper addrepo --gpgcheck-strict --check --refresh --priority '98' 'https://repo.radeon.com/rocm/zyp/zypper/' 'ROCm'
-====== Software ======
-===== List =====
-  * http://download.opensuse.org/tumbleweed/repo/
-===== Disable USB Source =====
-****
-  sudo zypper modifyrepo --disable --medium-type 'hd'
-===== Update =====
-****
-  sudo zypper clean --all && sudo zypper refresh --force --services && sudo zypper dist-upgrade --details --allow-downgrade --allow-name-change --allow-arch-change --allow-vendor-change && sync
-===== GNU nano =====
-  * Installs ''nano''
-  * Sets ''VISUAL'' and ''EDITOR'' to ''nano'' via environment variable
-  * Sets ''nowrap'' for current user
-  sudo zypper install 'nano' && export 'VISUAL=nano' && export 'EDITOR=nano' && echo -e 'export VISUAL=nano\nexport EDITOR=nano' | sudo tee '/etc/profile.d/editor-nano.sh' > '/dev/null' && cat '/etc/profile.d/editor-nano.sh' && mkdir -p ~/'.config/nano' && echo 'set nowrap' | tee ~/'.config/nano/nanorc' > '/dev/null' && cat ~/'.config/nano/nanorc'
-===== General =====
-****
-  sudo zypper install aria2 flashrom hdparm htop nano 7zip sensors unar wget irqbalance xfsprogs-scrub
-===== ROCm =====
-  * :!: Run ''sudo ldconfig'' if OpenCL isn't found
-  rocm-opencl rocm-smi-lib
-===== Keybase =====
-  * https://keybase.io
-  * :!: TODO: Figure out how to do automated bcakups to KBFS
-  * :!: This page shows up on Google search; for desktop openSUSE and the GUI Keybase client, add the repo shown on [[distros:opensuse_tumbleweed_gnome#keybase]]
-  keybase
-====== Settings ======
-===== Network =====
-****
-  sudo yast2 'lan'
-==== Hostname/DNS ====
-  * https://1.1.1.1/dns/
-  * See [[notes:dns_servers|DNS servers]] for other DNS servers
-  * Static Hostname: ''Computer name''
-  * Modify DNS Configuration: ''Use Custom Policy''
-  * Name Server 1: ''1.1.1.1''
-  * Name Server 2: ''1.0.0.1''
-  * Name Server 3: ''8.8.8.8''
-==== Routing ====
-  * Destination: ''default''
-  * Gateway: ''192.168.1.1''
-  * Device: ''-''
-===== Hostname =====
-  * Change ''x'' to computer name
-  sudo hostnamectl set-hostname 'x'
-===== lm_sensors =====
-****
-  sudo sensors-detect --auto
-===== Secure Shell =====
-  * See [[clients:secure_shell#generate_ssh_keys|Client - Generate SSH Keys]] notes to generate/restore public key
-===== Drive Maintenance =====
-==== Swap ====
-  * Add ''discard'' after ''defaults'' for the ''swap'' mountpoint ((defaults,discard))
-  * According to the ''swapon'' man page, setting this in ''fstab'' is acceptable
-  sudo -e '/etc/fstab'
-  ,discard
-==== Trim ====
-  * :!: Enable only if a SSD is being used for Linux
-  sudo systemctl enable 'fstrim.timer' --now && sudo systemctl start 'fstrim' && sync && sudo systemctl status 'fstrim' -l
-==== XFS Scrub ====
-  * [[https://wiki.archlinux.org/title/XFS#Online_Metadata_Checking_(scrub)|XFS - ArchWiki]]
-  * :!: Enable in all cases since it's likely both ''/'' and ''/boot'' are XFS
-  sudo systemctl enable 'xfs_scrub_all.timer' --now && sudo systemctl start 'xfs_scrub_all' && sync && sudo systemctl status 'xfs_scrub_all' -l
-===== UTC =====
-  * [[https://wiki.archlinux.org/index.php/System_time#Time_standard|ArchWiki]]
-  * Set RTC to UTC
-  sudo timedatectl set-local-rtc '0'
-==== Verify ====
-****
-  timedatectl | grep local
-====== Automatic Updates ======
-===== Service =====
-  sudo -e '/etc/systemd/system/suse-up.service'
-<code>
-[Service]
-Type=oneshot
-ExecStartPre='/usr/bin/zypper' clean --all
-ExecStart='/usr/bin/zypper' --non-interactive refresh --force --services
-ExecStart='/usr/bin/zypper' --non-interactive dist-upgrade --auto-agree-with-licenses --allow-downgrade --allow-name-change --allow-arch-change --allow-vendor-change
-ExecStartPost='/usr/bin/sync'
-ExecStartPost='/usr/bin/systemctl' reboot</code>
-===== Timer =====
-  * 06:00 Oak
-  * 06:10 Alira
-  sudo -e '/etc/systemd/system/suse-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'suse-up.timer' --now
-<code>
-[Unit]
-Description=Software Package Maintenance and Updater
-After=network-online.target
-Wants=network-online.target
-[Timer]
-OnCalendar=*-*-* 06:00:00
-Persistent=true
-[Install]
-WantedBy=timers.target</code>
-====== External Backup ======
-===== fstab =====
-  * Expects a drive of some kind with a XFS partition at ''/dev/sdb1''
-  sudo mkdir -p '/mnt/USB' && sudo -e '/etc/fstab'
-<code>
-# USB
-/dev/sdb1 /mnt/USB xfs rw,relatime,attr2,inode64,noquota 0 2</code>
-  sudo mount '/dev/sdb1'
-===== Service =====
-  sudo -e '/etc/systemd/system/backup-external.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/backup-external.service'
-<code>
-[Service]
-Type=oneshot
-ExecStartPre='/usr/bin/sync'
-ExecStart='/usr/bin/rsync' -r '/home/CHANGEME/backups' '/mnt/USB' --verbose --ignore-existing
-ExecStartPost='/usr/bin/sync'</code>
-===== Timer =====
-  sudo -e '/etc/systemd/system/backup-external.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'backup-external.timer' --now
-<code>
-[Unit]
-Description=Backup Backups to External Device
-[Timer]
-OnCalendar=*-*-* 07:00:00
-Persistent=true
-[Install]
-WantedBy=timers.target</code>
-====== Notable Folders and Commands ======
-===== Zypper =====
-==== Find Orphans ====
-****
-  zypper packages --orphaned
-==== Remove Package and Deps ====
-****
-  sudo zypper remove --clean-deps 'x'
-==== Show Installed Patterns ====
-****
-  sudo zypper patterns --installed-only
-==== Folder ====
-****
-  ls '/etc/zypp/repos.d'
-==== List ====
-****
-  zypper repos --priority
-===== GPG Keys =====
-==== Check Keys ====
-****
-  rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n'
-==== Remove Keys ====
-****
-  sudo rpm -e x
-===== fstrim =====
-****
-  sudo fstrim --verbose --all
-===== Show Sensors =====
-****
-  sudo zypper install -y 'sensors' && sudo sensors-detect --auto && sudo watch -n0.1 sensors
-===== Show CPU Frequency =====
-  grep 'MHz' '/proc/cpuinfo'
-  watch -n 0.1 grep \'cpu MHz\' '/proc/cpuinfo'
-===== OpenSSL Supported Ciphers =====
-****
-  openssl ciphers -v | awk '{print $2}' | sort | uniq
-===== Partition Information =====
-  * Both commands present the same information
-  df -hT
-  df --human-readable --print-type
-===== Encryption Information =====
-****
-  sudo cryptsetup -v status '/dev/dm-0'
-===== HT/SMT Information =====
-****
-  grep -e "processor" -e "core id" -e "^$" /proc/cpuinfo
-===== Optimal GCC compiler flags =====
-****
-  gcc -v -E -x c -march=native -mtune=native - < /dev/null 2>&1 | grep cc1 | perl -pe 's/ -mno-\S+//g; s/^.* - //g;'
-===== firewalld =====
-==== List Active Rules ====
-****
-  sudo firewall-cmd --list-all
-==== List Available Services ====
-****
-  sudo firewall-cmd --get-services
-==== Show Service Info ====
-  * Change ''x'' to name of a service from above
-  * This shows what ports and protocols a service covers
-  sudo firewall-cmd --info-service=x
-==== Reload ====
-****
-  sudo firewall-cmd --reload
-==== Add/Remove Service ====
-  * Add ''--permanent'' as-needed to allow the rule to persist
-  sudo firewall-cmd --add-service=x
-  sudo firewall-cmd --remove-service=x
-==== Add/Remove Port ====
-  * Add ''--permanent'' as-needed to allow the rule to persist
-  * Change ''tcp'' to ''udp'' as-needed
-  sudo firewall-cmd --add-port=x/tcp
-  sudo firewall-cmd --remove-port=x/tcp