Skip to content

Configuration de base

Depuis une installation serveur avec Apache et SSH

iso : debian-12.5.0-amd64-netinstall.iso Install Serveur iniquement + SSH + Apache

Ip address

Execution sous root su -

Bash
ip -4 addr
Bash Session
(myvenv) siwone@debiandetest:~$ ip -4 addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    altname enp0s18
    inet 192.168.1.124/24 brd 192.168.1.255 scope global dynamic ens18
       valid_lft 26705sec preferred_lft 26705sec

Changer IP Address

Sur une install Desktop Xcfe

Bash Session
# ip route show

default via 192.168.1.254 dev ens18 proto dhcp src 192.168.1.45 metric 100
192.168.1.0/24 dev ens18 proto kernel scope link src 192.168.1.45 metric 100

# ls /sys/class/net

ens18  lo


# vi /etc/network/interfaces

allow-hotplug ens18
iface ens18 inet static
   address 192.168.1.179/24
   gateway 192.168.1.254
   dns-nameservers 8.8.8.8 8.8.4.4

: Redémarrer le service réseau

# systemctl restart networking.service
# ou REBOOT

: Vérification de la configuration

ip addr show ens18

ip a

# ip route show

default via 192.168.1.254 dev ens18 onlink
192.168.1.0/24 dev ens18 proto kernel scope link src 192.168.1.179

# ip -4 addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    altname enp0s18
    inet 192.168.1.179/24 brd 192.168.1.255 scope global ens18
       valid_lft forever preferred_lft forever

ls /sys/class/net

ens18  lo

cat /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

allow-hotplug ens18
iface ens18 inet static
   address 192.168.1.179/24
   gateway 192.168.1.254
   dns-nameservers 8.8.8.8 8.8.4.4

Mise à jour du system

Bash
apt-get update
apt-get dist-upgrade

dpkg --list

Config Remote Session Xclient

L'utilisateur ne doit pas étre déjà connecté dans une autre session : logoff !

Bash
apt update && sudo apt upgrade -y
# apt install xfce4 xfce4-goodies xorg dbus-x11 x11-xserver-utils -y
apt install xrdp -y
systemctl status xrdp
adduser xrdp ssl-cert
systemctl restart xrdp

? echo "startxfce4" > ~/.Xclients
? chmod +x ~/.Xclients

sudo apt-get install ufw
ufw allow 3389

Installation python

Bash
su -
apt install python3.11-venv
exit
python3 -m venv myvenv

source ./myvenv/bin/activate

Config .Bashrc (Setting windows title)

Bash
set-window-title() {
  #echo -en "\033]0;$(pwd | sed -e "s;^$HOME;~;")\a"
  echo -en "\033]0;$(pwd | sed -e "s;^/home/tsan2/appli/;~;")\a"
}

if [[ "$PROMPT_COMMAND" ]]; then
  export PROMPT_COMMAND="$PROMPT_COMMAND;set-window-title"
else
  export PROMPT_COMMAND=set-window-title
fi

Le fichier bashrc

Bash
# .bashrc

# Source global definitions
if [ -f /etc/bashrc ]; then
    . /etc/bashrc
fi

# User specific environment
if ! [[ "$PATH" =~ "$HOME/.local/bin:$HOME/bin:" ]]
then
    PATH="$HOME/.local/bin:$HOME/bin:$PATH"
fi
export PATH

# Uncomment the following line if you don't like systemctl's auto-paging feature:
# export SYSTEMD_PAGER=

# User specific aliases and functions
export TMOUT=604800

# ------------------------

set-window-title() {
  #echo -en "\033]0;$(pwd | sed -e "s;^$HOME;~;")\a"
  echo -en "\033]0;$(pwd | sed -e "s;^/home/;~;")\a"
}

if [[ "$PROMPT_COMMAND" ]]; then
  export PROMPT_COMMAND="$PROMPT_COMMAND;set-window-title"
else
  export PROMPT_COMMAND=set-window-title
fi

MyVM="VM3"

S3_DEV="https://xxxxx"
S3_PRD="https://xxxxx"

# ------------------------

alias ltr='ls -ltr'
alias histgit='history|grep git'
alias hists3='history|grep s3'
alias hist='history'

alias cddev='cd /home/$USER/desk1/dev'
alias cdprod='cd /home/$USER/desk1/prod'
alias cdtest='cd /home/$USER/desk1/test'
alias cdweb='cd /home/$USER/desk1/web'

alias suroot='sesudo su -'

alias s3dev="aws s3 --endpoint-url $S3_DEV --no-verify-ssl"
alias s3apidev="aws s3api --endpoint-url $S3_DEV:10443 --no-verify-ssl"
alias s3iamdev="aws iam --endpoint-url $S3_DEV:10443 --no-verify-ssl"

alias s3="aws s3 --endpoint-url $S3_DEV --no-verify-ssl"

alias s3prd="aws s3 --endpoint-url $S3_PRD:10443 --no-verify-ssl"
alias s3apiprd="aws s3api --endpoint-url $S3_PRD:10443 --no-verify-ssl"
alias s3iamprd="aws iam --endpoint-url $S3_PRD:10443 --no-verify-ssl"

# Add git branch in bash prompt
# source /usr/share/doc/git-$(git --version  | awk '{print $3}')/contrib/completion/git-prompt.sh
source /usr/share/doc/git/contrib/completion/git-prompt.sh

#PS1='\[\e[0m\][\[\e[0m\]\u\[\e[0m\]@\[\e[0m\]\h \[\e[0;1m\]\w \[\e[0m\]]\[\e[0m\]\$\[\e[0m\]'
export PS1='$MyVM:\[\033[36m\]\u\[\033[m\]@\[\033[32m\] \[\033[33;1m\]\w\[\033[0;32m\]$(__git_ps1 " (%s)")\[\033[m\] \$ '

# Source env python for ansible
source /home/$USER/myvenv/bin/activate

Accès au NAS

Bash
apt-get install gvfs-backends
apt-get install gvfs-fuse
apt-get install gigolo

Thunar: GO -> Browse Network

'apt-get update' failed: exit code 100

root@proxmox:~# apt-get update Get:1 http://security.debian.org bookworm-security InRelease [48.0 kB] Hit:2 http://ftp.fr.debian.org/debian bookworm InRelease
Get:3 http://ftp.fr.debian.org/debian bookworm-updates InRelease [55.4 kB]
Get:4 http://security.debian.org bookworm-security/main amd64 Packages [190 kB] Get:5 http://security.debian.org bookworm-security/main Translation-en [116 kB]
Err:6 https://enterprise.proxmox.com/debian/ceph-quincy bookworm InRelease
401 Unauthorized [IP: 51.91.38.34 443] Err:7 https://enterprise.proxmox.com/debian/pve bookworm InRelease 401 Unauthorized [IP: 51.91.38.34 443] Reading package lists... Done E: Failed to fetch https://enterprise.proxmox.com/debian/ceph-quincy/dists/bookworm/InRelease 401 Unauthorized [IP: 51.91.38.34 443] E: The repository 'https://enterprise.proxmox.com/debian/ceph-quincy bookworm InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. E: Failed to fetch https://enterprise.proxmox.com/debian/pve/dists/bookworm/InRelease 401 Unauthorized [IP: 51.91.38.34 443] E: The repository 'https://enterprise.proxmox.com/debian/pve bookworm InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. root@proxmox:~#

sudo nano /etc/apt/sources.list.d/pve-enterprise.list vi /etc/apt/sources.list.d/ceph.list

as directed in this document. in order to comment out the enterprise repository deb https://enterprise.proxmox.com/debian/pve bullseye pve-enterprise Saving the file and running sudo apt-get update solved the problems.