HOWTO: Debian Build Box
This is a quick how-to on setting up a fresh Debian installation as a multi-purpose build environment. By fresh installation, we're talking about a bare-bones netinst with all installation tasks unchecked. If you choose to install standard system utilities, many of these packages will already be installed.
First, login as a standard user, then issue the su command to elevate to root:
$ su Password:
Install Some Software
Now that we're root, let's update the APT package listings and install some software.
# apt-get update ... # apt-get install sudo openssh-server openssh-client git build-essential
Use a Real Man's Editor
It's almost time to start editing some files, and I personally hate doing that in nano, so let's take a moment to switch the root user's default editor to Vim. As root, enter the following:
# apt-get install vim ... # update-alternatives --config editor There are 3 choices for the alternative editor (providing /usr/bin/editor). Selection Path Priority Status ------------------------------------------------------------ * 0 /bin/nano 40 auto mode 1 /bin/nano 40 manual mode 2 /usr/bin/vim.basic 30 manual mode 3 /usr/bin/vim.tiny 10 manual mode Press enter to keep the current choice[*], or type selection number: 2 update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/editor (editor) in manual mode
We can test whether this worked by issuing the editor command:
Set Up Sudo
You'll probably want to add your standard user to the sudo group. If you are setting up multiple users on your build box, you can add them, too. You will need to create each user first, which we won't cover in this how-to (here is a good tutorial). Once your users are set up, add them to the sudo group as follows:
# usermod -aG sudo [your-username] # usermod -aG sudo [other-username]
This will grant sudo privileges to each username you specify.
Passwordless Sudo (Optional)
By default, sudo requires a password. If this is a private build box and you're not super worried about security, you can go ahead and enable passwordless sudo. If you want to do this for all users, you can change the main sudoers file. The visudo command safely opens a sudoers file for editing, and checks it for syntax errors upon save. Uncaught errors could break things and totally prevent you from obtaining elevated priviliges, this is not something you want to mess around with, so always use visudo instead of a normal text editor:
...then find the following line:
%sudo ALL=(ALL:ALL) ALL
...and change it to this:
%sudo ALL=NOPASSWD: ALL
If you only want to enable passwordless operation for certain users, use this command instead:
# visudo -f /etc/sudoers.d/nopasswd
This will create a new file in /etc/sudoers.d, a special directory whose contents are dynamically included into the main sudoers file. Enter the following contents into the new empty file:
[your-username] ALL=NOPASSWD: ALL [other-username] ALL=NOPASSWD: ALL
...and so on. Each user you add here will be granted the ability to use sudo without a password, so be careful.
SSH and Git
We'll probably want to pull in some source code from Git repositiories so that we can build it. For this, we'll need an SSH key with access to the repositories we need.
Add an Existing SSH Keypair
If you already have an SSH key, you can install it into the ~/.ssh directory. This directory does not exist by default, but we can easily create it by invoking the ssh command. If you're still logged in as root, log out and get yourself logged into a shell as your standard user.
$ ssh localhost ... $ exit
When prompted, accept the fingerprint and enter your password to log in to the local machine. Then we can log out, which ends the SSH session and puts you back into the local shell. Now you can copy your existing keys (public and private) into the ~/.ssh directory.
Create a New Keypair
If you don't already have an SSH key you want to use, we can easily create a new one as follows:
Unless you know otherwise, it's probably safe to accept the default values and leave the password empty, but this is ultimately up to you.
The next step is to add your new SSH public key to the SSH server which hosts your Git repositories. This is beyond the scope of this how-to, but here is a good walkthrough for SSH servers, and here is one for GitHub.
Personally, I maintain a GitHub repository with all my linux dotfiles, so that any machine I SSH into has the same shell environment. I use zsh instead of bash. At this point in our setup, I have everything I need to install zsh via APT, clone my dotfiles repo from GitHub, run the dotfiles install script and change my default shell via chsh. Then I simply log out and back in, greeted with my fully-customized ZSH and Vim configurations.