DEBIAN STRETCH KURULUM NOTLARI ============================== Kurulum, Netinstall CD'si ile yapılacak. Temel sistemin kurulması ------------------------ __Select a language__: English __Select your location__: other -> Asia -> Turkey __Configure locales__: United States en_US.UTF-8 __Additional locales__: tr_TR.UTF-8 __System Locale__: en_US.UTF-8 __Select a keyboard layout__: PC-style -> Turkish (Q layout) __Configure the network__: Özel bi durum olmadıkça DHCP kulan __DNS__: ``` 208.67.222.222 208.67.220.220 8.8.8.8 8.8.4.4 ``` __Configure the clock (time zone)__: Europe/Istanbul __Partitition disks__: Manual __Partition table__: gpt #### örnek bölümlendirme 1 ``` / 500 MB sda1 (bootable) /usr 5 GB sda2 (~3 GB) /var 5 GB sda3 (~2 GB) /tmp 500 MB sda4 (tmpfs yapılabilir) swap 1 GB sda5 (hibernate için ~RAM) /home X GB sda6 ``` #### örnek bölümlendirme 2 ``` /boot 100 MB sda1 (bootable) crypto X GB sda2 (mount to /) ``` SSD disk kullanılıyor ve TRIM desteği varsa ext4 partitionlarda discard özelliği aktif hale getirilecek. Bütün partitionlarda noatime özelliği aktif olsun. Kurulum sonrası ilk ayarlar --------------------------- #### /etc/apt/apt.conf.d/80recommends ``` APT::Install-Recommends "0"; APT::Install-Suggests "0"; ``` #### /etc/apt/sources.list ``` deb http://ftp2.de.debian.org/debian/ stretch main non-free contrib deb-src http://ftp2.de.debian.org/debian/ stretch main non-free contrib deb http://security.debian.org/debian-security stretch/updates main contrib non-free deb-src http://security.debian.org/debian-security stretch/updates main contrib non-free ``` #### Multimedia deposu kullanilacaksa... ``` deb http://www.deb-multimedia.org stretch main non-free deb-src http://www.deb-multimedia.org stretch main non-free ``` #### x2go kullanılacaksa... ``` deb http://packages.x2go.org/debian stretch main ``` #### riot.im kurulacaksa... ``` deb https://riot.im/packages/debian/ stable main ``` #### Ring kurulacaksa... ``` deb https://dl.ring.cx/ring-nightly/debian_9/ ring main ``` #### Anahtar yüklemeleri ###### Multimedia ```bash apt install deb-multimedia-keyring apt update ``` ###### x2go ```bash apt-get install x2go-keyring apt update ``` ###### riot.im ```bash wget -qNP /tmp/ https://riot.im/packages/debian/repo-key.asc apt-key add /tmp/repo-key.asc apt update ``` ###### Ring ```bash apt install apt-transport-https dirmngr apt-key adv --keyserver pgp.mit.edu --recv-keys \ A295D773307D25A33AE72F2F64CD5FA175348F84 apt update ``` #### Güncelleme ```bash apt update && \ apt -dy dist-upgrade && \ apt autoclean && \ apt dist-upgrade && \ apt autoremove --purge ``` #### İlk aşamada yüklenecek paketler ```bash apt install zsh tmux git vim-nox autojump bridge-utils apt install dbus libpam-systemd (container içine kurulumlarda gerekebilir) ``` #### Default paketlerden silinecekler ```bash apt purge installation-report reportbug nano apt purge tasksel tasksel-data task-english os-prober rm -rf /var/lib/os-prober # autoremove ile silinmemesi icin bu komut gerekli. apt install openssh-server apt autoremove --purge ``` #### Grub ayarları Grub için parola iki kere girilecek, görüntü gelmeyecek. ```bash grub-mkpasswd-pbkdf2 >>/etc/grub.d/01_password ``` ###### /etc/grub.d/01_password ``` #!/bin/sh # parola grub-mkpasswd-pbkdf2 komutu ile üretiliyor cat </dev/null | head -10 } update_hosts(){ HOSTS=`cat < /tmp/mplayer.pipe" bind[mplayer_mute] = Pause program[mplayer_vol_l] = sh -c "echo 'volume -1' > /tmp/mplayer.pipe" bind[mplayer_vol_l] = XF86AudioLowerVolume program[mplayer_vol_r] = sh -c "echo 'volume +1' > /tmp/mplayer.pipe" bind[mplayer_vol_r] = XF86AudioRaiseVolume ``` #### ~/bin/ ###### capture_screen Ekran görüntüsünü alıp SimpleHTTPServer ile web'ten yayınlar. Pencere yöneticisi için kısayol oluşturulsun. ``` #!/bin/bash mkdir -p /tmp/screenshot scrot /tmp/screenshot/screenshot.png echo '' > /tmp/screenshot/index.html x-terminal-emulator -vb +sb -fg NavajoWhite1 -bg black -cr yellow \ -fn "-misc-fixed-medium-r-normal--18-120-100-100-c-90-iso10646-1" \ -T "Capture Screen" -e /bin/bash -c \ "/sbin/ifconfig eth | grep 'inet addr:' | cut -d: -f2 | cut -d' ' -f1; \ echo -e '\n\n'; \ cd /tmp/screenshot && python -m SimpleHTTPServer 9999" ``` ###### zargan.py Kod deposundan kopyalanacak. #### Firefox ###### preferences * General -> When Firefox starts: Show a blank page * General -> Home page: https://emrah.com/ * General -> Language -> Choose -> Turkish (add, move down) * General -> Language -> Check your spelling as you type: false * General -> Downloads -> Always ask you where to save files: true * General -> Firefox Updates -> Automatically update search engines: False * General -> Network Proxy -> Settings ``` Manual Proxy Configuration SOCKS Host: localhost SOCKS Port: 28080 SOCKS Type: SOCKS v5 No Proxy for: localhost, 127.0.0.1, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 Proxy DNS when using SOCKS v5: true ``` * Search -> Default Search Engine: DuckDuckGo * Privacy & Security -> Forms & Passwords -> Remember logins and passwords for websites: False * Privacy & Security -> History -> Never Remeber History * Privacy & Security -> Tracking Protection -> Always * Privacy & Security -> Block dangerous downloads: False * Privacy & Security -> Certificates -> View Certificates -> Authorities -> Delete or Distrust ``` E-Tuğra (silinecek) TUBITAK (silinecek) TURKTRUST (silinecek) ``` Bu işlem sonrasında otorite, listede kalacak ama güvenilir olduğunu belirten OK işareti kalkacak. ###### about:config * __browser.cache.disk.enable__: false * __browser.sessionstore.interval__: 60000 * __network.prefetch-next__: false * __intl.charset.fallback.utf8_for_file__: true ###### Add-ons * Tridactyl * Adblock Plus * NoScript Security Suite by Giorgio Maone * Markdown Viewer Webext ###### Diğer * Noscript whitelist temizlenir. * Bir kere boş tab açılıp Tridactyl için izin verilir. * Noscript izni verilecek sitelere bir kere girilir. * duckduckgo * demo siteler * player (dash, hls) * egroupware * github, ycombinator, wttr.in, debian, pypi * bankalar, yemeksepeti * digital ocean * radyolar ###### second profile __second__ adlı profili oluştur. ```bash firefox-esr -no-remote -ProfileManager ``` ```bash cd ~/.mozilla/firefox DEFAULT=$(ls | grep .default) SECOND=$(ls | grep .second) rm -rf $SECOND cp -arp $DEFAULT $SECOND ``` #### bitlbee ###### /etc/bitlbee/bitlbee.conf ``` DaemonInterface = 127.0.0.1 AuthMode = Closed AuthPassword = md5:... ``` ###### md5 değerini bulmak için ```bash bitlbee -x hash parola1 ``` ```bash /etc/init.d/bitlbee restart ``` #### weechat Ayarların default değerlerle oluşması için weechat-curses bir kere başlatılır. ###### ~/.weechat/weechat.conf ``` item_time_format = "%a, %d %b %Y %H:%M" ``` ###### ~/.weechat/logger.conf ``` auto_log = off ``` ###### ~/.weechat/irc.conf ``` [server_default] nicks = "emrah,emrah_,emrah__" realname = "emrah" username = "emrah" [server] freenode.addresses = "chat.freenode.net/7000" freenode.ssl = on freenode.ssl_dhkey_size = 512 freenode.password = "parola" freenode.autoconnect = on freenode.autoreconnect = on freenode.autoreconnect_delay = 10 freenode.nicks = "emrah,emrah_,emrah__" freenode.username = "emrah" freenode.realname = "emrah" freenode.autojoin = "#gnu,#debian" freenode.autorejoin = on freenode.autorejoin_delay = 1 bitlbee_loc.addresses = "127.0.0.1/6667" bitlbee_loc.ssl = off bitlbee_loc.password = "parola1" bitlbee_loc.autoconnect = on bitlbee_loc.autoreconnect = on bitlbee_loc.autoreconnect_delay = 10 bitlbee_loc.nicks = "emrah,emrah_,emrah__" bitlbee_loc.username = "emrah" bitlbee_loc.realname = "emrah" bitlbee_loc.command = "/msg nickserv identify parola2" bitlbee_loc.autorejoin = on bitlbee_loc.autorejoin_delay = 1 ``` ###### bitlbee hesabının açılması ``` register parola2 set charset utf-8 # gtalk account add jabber emrah@gmail.com account gtalk set ssl true account gtalk set server talk.google.com account gtalk set port 5223 account gtalk set password "parola_gtalk" account gtalk on ```