Skip to content

Instantly share code, notes, and snippets.

@njbair

njbair/HOWTO-debian-build-box.md

Last active September 11, 2015 18:22
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save njbair/f5dc68251a06399a2382 to your computer and use it in GitHub Desktop.
Save njbair/f5dc68251a06399a2382 to your computer and use it in GitHub Desktop.
Download ZIP
Setting up a base Debian installation as a generic build environment
Raw
HOWTO-debian-build-box.md

HOWTO: Debian Build Box

This is a quick how-to on setting up a fresh Debian installation as a multi-purpose build environment. By fresh installation, we're talking about a bare-bones netinst with all installation tasks unchecked. If you choose to install standard system utilities, many of these packages will already be installed.

First, login as a standard user, then issue the su command to elevate to root:

$ su
Password:

Install Some Software

Now that we're root, let's update the APT package listings and install some software.

# apt-get update
...
# apt-get install sudo openssh-server openssh-client git build-essential

Use a Real Man's Editor

It's almost time to start editing some files, and I personally hate doing that in nano, so let's take a moment to switch the root user's default editor to Vim. As root, enter the following:

# apt-get install vim
...
# update-alternatives --config editor
There are 3 choices for the alternative editor (providing /usr/bin/editor).

  Selection    Path                Priority   Status
------------------------------------------------------------
* 0            /bin/nano            40        auto mode
  1            /bin/nano            40        manual mode
  2            /usr/bin/vim.basic   30        manual mode
  3            /usr/bin/vim.tiny    10        manual mode
  
Press enter to keep the current choice[*], or type selection number: 2
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/editor (editor) in manual mode

We can test whether this worked by issuing the editor command:

# editor

Set Up Sudo

You'll probably want to add your standard user to the sudo group. If you are setting up multiple users on your build box, you can add them, too. You will need to create each user first, which we won't cover in this how-to (here is a good tutorial). Once your users are set up, add them to the sudo group as follows:

# usermod -aG sudo [your-username]
# usermod -aG sudo [other-username]

This will grant sudo privileges to each username you specify.

Passwordless Sudo (Optional)

By default, sudo requires a password. If this is a private build box and you're not super worried about security, you can go ahead and enable passwordless sudo. If you want to do this for all users, you can change the main sudoers file. The visudo command safely opens a sudoers file for editing, and checks it for syntax errors upon save. Uncaught errors could break things and totally prevent you from obtaining elevated priviliges, this is not something you want to mess around with, so always use visudo instead of a normal text editor:

# visudo

...then find the following line:

%sudo   ALL=(ALL:ALL) ALL

...and change it to this:

%sudo   ALL=NOPASSWD: ALL

If you only want to enable passwordless operation for certain users, use this command instead:

# visudo -f /etc/sudoers.d/nopasswd

This will create a new file in /etc/sudoers.d, a special directory whose contents are dynamically included into the main sudoers file. Enter the following contents into the new empty file:

[your-username] ALL=NOPASSWD: ALL
[other-username] ALL=NOPASSWD: ALL

...and so on. Each user you add here will be granted the ability to use sudo without a password, so be careful.

SSH and Git

We'll probably want to pull in some source code from Git repositiories so that we can build it. For this, we'll need an SSH key with access to the repositories we need.

Add an Existing SSH Keypair

If you already have an SSH key, you can install it into the ~/.ssh directory. This directory does not exist by default, but we can easily create it by invoking the ssh command. If you're still logged in as root, log out and get yourself logged into a shell as your standard user.

$ ssh localhost
...
$ exit

When prompted, accept the fingerprint and enter your password to log in to the local machine. Then we can log out, which ends the SSH session and puts you back into the local shell. Now you can copy your existing keys (public and private) into the ~/.ssh directory.

Create a New Keypair

If you don't already have an SSH key you want to use, we can easily create a new one as follows:

$ ssh-keygen

Unless you know otherwise, it's probably safe to accept the default values and leave the password empty, but this is ultimately up to you.

The next step is to add your new SSH public key to the SSH server which hosts your Git repositories. This is beyond the scope of this how-to, but here is a good walkthrough for SSH servers, and here is one for GitHub.

Personalization

Personally, I maintain a GitHub repository with all my linux dotfiles, so that any machine I SSH into has the same shell environment. I use zsh instead of bash. At this point in our setup, I have everything I need to install zsh via APT, clone my dotfiles repo from GitHub, run the dotfiles install script and change my default shell via chsh. Then I simply log out and back in, greeted with my fully-customized ZSH and Vim configurations.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment