initial commit of bin scripts into git
This commit is contained in:
202
Mint-Linux-Upgrade
Normal file
202
Mint-Linux-Upgrade
Normal file
@@ -0,0 +1,202 @@
|
||||
#!/bin/sh
|
||||
|
||||
# choose internode...
|
||||
software-properties-gtk
|
||||
|
||||
# set root pwd
|
||||
sudo passwd
|
||||
|
||||
# use previous install's conf
|
||||
export OD=/mnt/old_distro
|
||||
cp -f $OD/etc/sudoers.d/ddp /etc/sudoers.d/ ; # make sudo not ask for passwd for sudo group (that is all this does)
|
||||
cp -f $OD/etc/default/grub /etc/default/grub ; # GRUB_TIMEOUT=1, GRUB_BACKGROUND=/home/ddp/Pictures/star-for-grub.png
|
||||
grep 192.168.0.2 $OD/etc/fstab >> /etc/fstab
|
||||
# this should be created with min installer, but just in case:
|
||||
# grep backup $OD/etc/fstab >> /etc/fstab
|
||||
# FINALLY: set final number to 0 on /boot/efi so it does not fail fsck on every boot
|
||||
mkdir /myth
|
||||
mkdir -p /backup
|
||||
#echo "192.168.0.2:/export/myth /myth nfs noauto,x-systemd.automount,x-systemd.device-timeout=10,timeo=14,x-systemd.idle-timeout=1min,rsize=65536,wsize=65536,timeo=14,intr" >> /etc/fstab ; # stupid nfs mounts via systemd need this kooky syntax
|
||||
#echo "192.168.0.2:/export/home /home nfs noauto,x-systemd.automount,x-systemd.device-timeout=10,timeo=14,x-systemd.idle-timeout=1min,rsize=65536,wsize=65536,timeo=14,intr" >> /etc/fstab ; # stupid nfs mounts via systemd need this kooky syntax
|
||||
|
||||
apt-get update
|
||||
|
||||
# update everything :^)
|
||||
apt-get -y dist-upgrade
|
||||
|
||||
apt-get -y install gimp vim gnome-games openssh-server mplayer unrar \
|
||||
thunderbird nmap iftop ethtool gsmartcontrol imagemagick \
|
||||
freerdp2-x11 vlc nethogs tcl sysstat nfs-common faenza-icon-theme steam \
|
||||
gimp-plugin-registry elinks mesa-utils xscreensaver-gl alien \
|
||||
wmctrl grub2-splashimages libcrypt-ssleay-perl ntp traceroute \
|
||||
ubuntu-restricted-extras smbclient devilspie2 net-tools grub2-theme-mint-2k \
|
||||
fonts-crosextra-carlito fonts-crosextra-caladea git restic nvme-cli dkms iotop-c
|
||||
|
||||
### dkms/secureboot -> Will also need me to put the signing key into the bios on any new mobo (google it)
|
||||
cp -f $OD/etc/dkms/framework.conf /etc/dkms/ ; # OR just enable the sign tool line
|
||||
cp -f $OD/etc/dkms/sign-tool /etc/dkms/ ; # OR tweak this to have passphrase in it
|
||||
|
||||
|
||||
# catch new grub.conf and grub2-theme-mint-2k
|
||||
update-grub
|
||||
|
||||
# wireguard VPN to work
|
||||
apt-get -y install wireguard-tools resolvconf unbound
|
||||
cp -f $OD/etc/wireguard/wg100.conf /etc/wireguard/wg100.conf
|
||||
cp -f $OD/etc/unbound/unbound.conf.d/wg-deakin.conf /etc/unbound/unbound.conf.d/wg-deakin.conf
|
||||
systemctl disable systemd-resolved
|
||||
systemctl enable wg-quick@wg100
|
||||
systemctl restart unbound
|
||||
systemctl restart wg-quick@wg100
|
||||
# this copies over the 'search ddp.net' part
|
||||
cp -f $OD/etc/resolvconf/resolv.conf.d/tail /etc/resolvconf/resolv.conf.d/tail
|
||||
|
||||
|
||||
# get nvidia drivers
|
||||
ubuntu-drivers install
|
||||
|
||||
### half-way through linuxmint 20, needed to add this:
|
||||
ExecStartPre=modprobe nvidia
|
||||
#to /etc/systemd/system/display-manager.service: like below...
|
||||
|
||||
[Service]
|
||||
# temporary safety check until all DMs are converted to correct
|
||||
# display-manager.service symlink handling
|
||||
ExecStartPre=modprobe nvidia
|
||||
ExecStartPre=/bin/sh -c '[ "$(basename $(cat /etc/X11/default-display-manager 2>/dev/null))" = "lightdm" ]'
|
||||
ExecStart=/usr/sbin/lightdm
|
||||
Restart=always
|
||||
BusName=org.freedesktop.DisplayManager
|
||||
|
||||
|
||||
# steam needed the 32-bit nvidia-gl lib to match the above one it installed, e.g. -430 (not needed this time)
|
||||
#apt-get -y install libnvidia-gl-435:i386
|
||||
|
||||
# remember to say yes to hddtemp
|
||||
#sensors-detect ; # remember to say yes explicitly to the last question
|
||||
|
||||
# LDAP for client auth
|
||||
sudo apt install libnss-ldap libpam-ldap ldap-utils nscd
|
||||
# answer:
|
||||
#1) ldap://192.168.0.2
|
||||
#2) dc=depaoli,dc=id,dc=au
|
||||
#3) 3
|
||||
#4) Yes
|
||||
#5) No
|
||||
#6) cn=admin,dc=depaoli,dc=id,dc=au
|
||||
#7) a_real_admin_pass_word_for_2o20
|
||||
|
||||
# in case you screw up a step above, do this:
|
||||
dpkg-reconfigure ldap-auth-config
|
||||
|
||||
# add ldap to end of passwd group shadow in /etc/nsswitch.conf
|
||||
#### passwd: files systemd ldap
|
||||
#### group: files systemd ldap
|
||||
|
||||
sudo pam-auth-update ; # tick on home dir creation
|
||||
|
||||
# add bind_policy soft to /etc/ldap.conf (as root)
|
||||
echo "bind_policy soft" >> /etc/ldap.conf
|
||||
|
||||
|
||||
##
|
||||
## Now, need to get home dir back...
|
||||
##
|
||||
|
||||
# firewall
|
||||
sudo ufw allow from 192.168.0.0/24 to any port 22 ; # ssh
|
||||
sudo ufw allow from 128.184.0.0/16 to any port 22 ; # ssh from sys interact
|
||||
sudo ufw enable
|
||||
|
||||
# ensure wol works in new systemd world
|
||||
eth=`ifconfig | grep en | head -n1 | cut -f1 -d:`
|
||||
sudo ethtool -s $eth wol g
|
||||
|
||||
reboot ; # should fix nvidia drivers and ldap and NFS of /home, /myth
|
||||
|
||||
#######
|
||||
|
||||
|
||||
################################### zoom/teams ###################################
|
||||
# zoom from a repo (this is some guys hack, not official - so check):
|
||||
wget -qO- https://mirror.mwt.me/my/gpgkey | sudo tee /usr/share/keyrings/mwt.asc > /dev/null
|
||||
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/mwt.asc by-hash=force] https://mirror.mwt.me/my/deb any rstudio zoom" | sudo tee /etc/apt/sources.list.d/mwt.list
|
||||
apt update
|
||||
apt install -y zoom
|
||||
# I'm using teams in browser now, so dont need this?
|
||||
#curl https://packages.microsoft.com/keys/microsoft.asc | sudo tee /etc/apt/trusted.gpg/microsoft.asc
|
||||
#echo "deb [arch=amd64] https://packages.microsoft.com/repos/ms-teams stable main" | sudo tee /etc/apt/sources.list.d/teams.list
|
||||
#apt update
|
||||
#apt install -y teams
|
||||
|
||||
################################### MYTH ###################################
|
||||
# get myth on the box
|
||||
### if you need a newer version: sudo add-apt-repository ppa:mythbuntu/32 && apt update
|
||||
mkdir /myth
|
||||
apt-get -y install mythweather mythmusic mythtv-frontend nfs-common
|
||||
# for myth... (I think this is no longer needed with ldap now)
|
||||
# uid=500, gid=500 for mythtv:mythtv
|
||||
# vi /etc/passwd ; # make mythtv - 500:500
|
||||
# vi /etc/group ; # make mythtv - 500
|
||||
#chown -R mythtv:mythtv /home/mythtv
|
||||
chown -R mythtv:mythtv /var/log/mythtv/
|
||||
#for i in $USERS; do
|
||||
# gpasswd -a $i mythtv
|
||||
#done
|
||||
|
||||
apt-get -y purge mythtv-dbg
|
||||
|
||||
# if on pug:
|
||||
#sudo cp -r /mnt/old_distro/usr/share/mythtv/mythweather/scripts/bom* /usr/share/mythtv/mythweather/scripts
|
||||
|
||||
################################### VPN ###################################
|
||||
|
||||
# VPN:
|
||||
#sudo apt -y install network-manager-openconnect-gnome
|
||||
|
||||
## smart & external drive:
|
||||
# consider /etc/smartd.conf (I added disk-by-id -d ignore -- but its h/w specific)
|
||||
|
||||
## need to get Deakin cisco one (https://www.deakin.edu.au/software/) -- maybe: https://software.deakin.edu.au/2019/04/16/cisco-anyconnect/
|
||||
#cd /home/ddp/tmp
|
||||
#tar zxf /home/ddp/installed/anyconnect-linux64-4.10.00093-predeploy-k9.tar.gz
|
||||
#cd anyconnect-linux64-*/vpn
|
||||
#sudo ./vpn_install.sh
|
||||
#run from menu, and when it has a connection box, need to use: vpn.deakin.edu.au/unencrypted
|
||||
|
||||
################################### borric ###################################
|
||||
# keyboard (do these by hand, 1-by-1, needs kbd input between cmds)
|
||||
add-apt-repository ppa:openrazer/stable
|
||||
add-apt-repository ppa:polychromatic/stable
|
||||
apt update
|
||||
apt install -y openrazer-meta polychromatic
|
||||
# do this to get keys into correct files/format
|
||||
#apt-key export 22E2C8C5 | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/polychromatic.gpg
|
||||
#apt-key export 7B2AEE37 | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/OpenRazer.gpg
|
||||
|
||||
# as ddp/etc:
|
||||
sudo gpasswd -a $USER plugdev
|
||||
|
||||
# install brave instead (follow this: https://brave.com/linux/#linux)
|
||||
curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg
|
||||
echo "deb [signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg arch=amd64] https://brave-browser-apt-release.s3.brave.com/ stable main"|tee /etc/apt/sources.list.d/brave-browser-release.list
|
||||
apt update
|
||||
sudo apt install -y brave-browser
|
||||
|
||||
# spotify if we want it
|
||||
curl -sS https://download.spotify.com/debian/pubkey_5E3C45D7B312C643.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/repository-spotify-com-keyring.gpg
|
||||
sudo apt install -y spotify-client
|
||||
|
||||
# vs code:
|
||||
# get new version from: https://code.visualstudio.com/docs/setup/linux
|
||||
sudo apt install ./Downloads/code_1.54.3-1615806378_amd64.deb
|
||||
|
||||
# add vim plugin:
|
||||
# https://marketplace.visualstudio.com/items?itemName=vscodevim.vim
|
||||
|
||||
# consider adding ~/bin/manage_teams & ~/bin/cinnamon_is_slow to crontab for ddp
|
||||
# b/c windows dual boot messes with time/date, do this:
|
||||
timedatectl set-local-rtc 1 --adjust-system-clock
|
||||
|
||||
# catch any personal crons: was only using this for scripts I no longer need (cinnamon slow / manage_teams)
|
||||
#########sudo rsync -axv $OD/var/spool/cron/crontabs/ /var/spool/cron/crontabs/
|
||||
Reference in New Issue
Block a user