Skip to content

Instantly share code, notes, and snippets.

@reypm

reypm/README.md

Last active May 1, 2023 12:51
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save reypm/625647b54e128e1c201a39209ec9b190 to your computer and use it in GitHub Desktop.
Save reypm/625647b54e128e1c201a39209ec9b190 to your computer and use it in GitHub Desktop.
Download ZIP
New Dev Environment Fast Setup
Raw
README.md

Fedora Server Configuration Snippets

Install Parallels Tools

  • Go to Parallels Desktop menu bar Devices > CD/DVD > Connect image
  • Navigate to /Applications/Parallels Desktop/Contents/Resources/Tools
  • Click on prl-tools-lin.iso (for x86_64) or the equivalent for ARM and click Open
  • Mount the Parallels Tools image to Linux virtual machine:
mkdir /media/cdrom
mount /dev/cdrom /media/cdrom
  • Make sure the disk image is successfully mounted:
ls /media/cdrom
  • It should list the files located on the disk
install*  installer/  install-gui*  kmods/  tools/  version
  • Go to the Parallels Tools disk and run the installation package:
cd /media/cdrom
./install

Remove sudo password requirement

echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/$USER

Tweak DNF

sudo cp /etc/dnf/dnf.conf /etc/dnf/dnf.conf.bck
sudo nano /etc/dnf/dnf.conf

fastestmirror=1
max_parallel_downloads=10
deltarpm=true

Install updates

sudo dnf upgrade --refresh
sudo dnf check
sudo dnf autoremove
sudo reboot now

Setup Passwordless SSH Login

  • Check for existing SSH key pairs. If there are existing keys, you can either use those and skip the next step or
  • Backup up the old keys and generate a new one.
ls -al ~/.ssh/id_*.pub
  • Setup your SSH keys (this step can be ommited if you have some keys already and do not want to generate new ones)
ssh-keygen -t ed25519 -C "<your_email>"
  • Copy the keys to the server:
ssh-copy-id <remote_username>@<server_ip_address>

Install required packages

# Install needed libraries 
sudo dnf install mc git nfs-utils rpcbind

Setup NFS Server and Client

Server Configuration

# Enable the services during startup
sudo systemctl enable --now rpcbind nfs-server

# Create a copy for the default config file
cp /etc/exports /etc/exports.ori

# Edit the config file and add the following content
nano /etc/exports
<path_to_shared_resource> <ip_address_or_subnet>(rw,all_squash,async,no_subtree_check,anonuid=0,anongid=0)

# Example
/development 10.211.55.0/24(rw,all_squash,async,no_subtree_check,anonuid=0,anongid=0)

# Update configuration by running ...
sudo exportfs -a

# If needed the service can be restarted as well ...
sudo systemctl restart nfs-server

Note: anonuid and anongid MUST match the UDI and GUI from the NFS Server as seen from MacOS Client. More info can be found here

For NFS config options check here

Client configuration

Note: the following works for MacOS and has been tested in Catalina and Monterrey versions, should work for BigSur as well

To mount the NFS share use the following command:

sudo mount -o resvport,rw -t nfs fedora-server:/<shared_folder_on_server> <mount_point_in_client>

# Example:
sudo mount -o resvport,rw -t nfs fedora-server:/development ~/development

To unmount the NFS share use the following command:

sudo diskutil unmount force <mount_point_in_client>

# Example:
sudo diskutil unmount force ~/development

### Generate your server SSH key
In order to access your Github repositories from within the server you will need to generate your own key in the server
and add it later to the allowed SSH keys in GH. You can use the same process as the step above to generate the keys then
the following to copy the public key.
```bash
    # xclip only works if there is an X Server available [see](https://stackoverflow.com/questions/18695934/error-cant-open-display-null-when-using-xclip-to-copy-ssh-public-key)
    xclip -selection clipboard < ~/.ssh/id_<your_name>.pub

Disable SELinux

# Create a backup for the original configuration file
sudo cpo /etc/selinux/config /etc/selinux/config.bck
# Edit the file
sudo nano /etc/selinux/config

# Change from / to
SELINUX=enforcing / SELINUX=disabled

Disable Firewalld

sudo systemctl disable firewalld 
sudo systemctl stop firewalld

Install required packages

# for GUI
sudo dnf install xclip mc fedora-workstation-repositories snapd git

# Install Snapd
sudo ln -s /var/lib/snapd/snap /snap # for classic snap support

# Install Google Chrome
sudo dnf config-manager --set-enabled google-chrome
sudo dnf install google-chrome-stable
  -- dnf install google-chrome-beta
  -- dnf install google-chrome-unstable

# Install Snapd
sudo ln -s /var/lib/snapd/snap /snap
    
# Install PhpStorm
sudo snap install phpstorm --classic

# Fix issues with Chrome and GDM
sudo nano /etc/gdm/custom.conf
WaylandEnable=false

# Remove non-used packages
sudo dnf remove libreoffice* totem

Configure Git

git config --global pull.rebase false
git config --global user.name "Reynier Perez"
git config --global user.email <your_email>
git config --global core.editor nano

Hostname

hostnamectl set-hostname fedora

Install Docker and Docker-Compose

# Remove conflicts
# https://docs.docker.com/engine/install/fedora/#uninstall-old-versions
sudo dnf remove docker-*
sudo dnf config-manager --disable docker-*

## Enable old CGroups
sudo grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=0"
sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg

# Setup Repositories
# https://docs.docker.com/engine/install/fedora/#installation-methods
sudo dnf -y install dnf-plugins-core

sudo dnf config-manager \
--add-repo \
https://download.docker.com/linux/fedora/docker-ce.repo


# Install Docker
sudo dnf install docker-ce docker-ce-cli containerd.io

# Start Docker
sudo systemctl start docker

# Manage Docker as a non-root user
# you must logout & login back after this for changes to take effect
# https://docs.docker.com/engine/install/linux-postinstall/#manage-docker-as-a-non-root-user
sudo usermod -aG docker $USER  
newgrp docker

# Enable Docker to start automatically when system starts
# https://docs.docker.com/engine/install/linux-postinstall/#configure-docker-to-start-on-boot
sudo systemctl enable docker.service
sudo systemctl enable containerd.service

# Configuring remote access with systemd unit file
# https://docs.docker.com/engine/install/linux-postinstall/#configuring-remote-access-with-systemd-unit-file
```bash
sudo systemctl edit docker.service

[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock

# Allow Docker in Firewall (optional if Firewalld is enabled)
sudo firewall-cmd --permanent --zone=trusted --add-interface=docker0 && sudo firewall-cmd --reload

Note: Docker for Fedora 35

Install Docker-Compose

// For Docker-Compose v1
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

// For Docker-Compose v2
mkdir -p ~/.docker/cli-plugins/
curl -SL https://github.com/docker/compose/releases/download/v2.1.0/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose

// For ARM 
curl -SL https://github.com/docker/compose/releases/download/v2.2.2/docker-compose-linux-aarch64 -o ~/.docker/cli-plugins/docker-compose

chmod +x ~/.docker/cli-plugins/docker-compose

Install Portainer

docker volume create portainer_data

docker run -d -p 8000:8000 -p 9443:9443 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest

Install Composer

sudo chown $USER -R /home/$USER/.composer (if the directory exists and is owned by someone else)
curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer 
sudo chmod +x /usr/local/bin/composer
composer -V

Customization

Install Zsh and OhMyZsh

sudo dnf install zsh
chsh -s $(which zsh) (logout & login)
sh -c "$(wget -O- https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"

Setup Powerlevel10k Theme

git clone --depth=1 https://gitee.com/romkatv/powerlevel10k.git ${ZSH_CUSTOM:-$HOME/.oh-my-zsh/custom}/themes/powerlevel10k
ZSH_THEME="powerlevel10k/powerlevel10k" in ~/.zshrc

Custom Configuration

# ~/.zshrc

zstyle ':omz:update' mode auto
zstyle ':omz:update' frequency 5

plugins=(
    git
    gitfast
    common-aliases
    ssh-agent
    dnf
)

# https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/ssh-agent
zstyle :omz:plugins:ssh-agent agent-forwarding on
zstyle :omz:plugins:ssh-agent identities id_ed25519

# User configuration
source ~/.zshrc_alias
source $ZSH/oh-my-zsh.sh

if [[ -n $SSH_CONNECTION ]]; then
   export EDITOR='nano'
else
   export EDITOR='nano'
fi

---
# ~/.zshrc_alias
# shellcheck shell=bash

# Disable the following lines if you're on macOS
#export DOCKER_HOST=tcp://fedora-server:2375

#function mount-dev() {
#   sudo mount -o resvport,rw -t nfs fedora-server:/development ~/development
#}

#function umount-dev() {
#   sudo diskutil unmount force ~/development
#}


alias myip="curl http://ipecho.net/plain; echo"
alias cat="bat"
alias ci="composer install --ignore-platform-reqs"
alias cu="composer update --ignore-platform-reqs"

export TIGM_HOME=/development
export TIGM_APIDOC=/development/apidoc
export TIGM_APPS=/development/apps
export TIGM_BINNACLE=/development/binnacle
export TIGM_ED=/development/ed
export TIGM_MAILER=/development/mailer
export TIGM_PAYMENT=/development/payment
export TIGM_USER=/development/user

tigm-home () {
  cd "$TIGM_HOME" || exit
}

tigm-apidoc () {
  cd "$TIGM_APIDOC" || exit
}

tigm-apidoc-validate () {
  cd "$TIGM_APIDOC" && docker run --rm -v $PWD:/spec redocly/openapi-cli lint openapi/openapi.yaml
}

tigm-apps () {
  cd "$TIGM_APPS" || exit
}

tigm-binnacle () {
  cd "$TIGM_BINNACLE" || exit
}

tigm-ed () {
  cd "$TIGM_ED" || exit
}

tigm-mailer () {
  cd "$TIGM_MAILER" || exit
}

tigm-payment () {
  cd "$TIGM_PAYMENT" || exit
}

tigm-user () {
  cd "$TIGM_USER" || exit
}


tigm-git-update-master () {
  cd "$TIGM_USER" && ./update-git-to-branch.sh && popd || exit
}

tigm-update-all () {
  cd "$TIGM_USER" && ./update-all.sh && popd || exit
}

tigm-bash-container () {
  cd "$TIGM_USER" && docker compose exec "$1" bash
}

tigm-dcup () {
  cd "$TIGM_USER" && docker compose down -v --remove-orphans && docker system prune --force --volumes && ./restart.sh && watch docker compose ps
}

tigm-dcdn () {
  cd "$TIGM_USER" && docker compose down -v --remove-orphans && docker system prune --force --volumes
}

Others

Fix Inotify Watches Limit for PhpStorm (see here)

echo "fs.inotify.max_user_watches = 524288" | sudo tee /etc/sysctl.d/phpstorm.conf
sudo sysctl -p --system

Gnome Extensions and Tweaks

sudo dnf install -y gnome-extensions-app gnome-tweaks
sudo dnf install -y gnome-shell-extension-appindicator

Flatpak support

flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
flatpak update

Fixes for ARM

# docker-compose.override.yml
version: "3.8"
services:
  traefik:
    ports:
      - "8010:80"
      - "8090:8080"
  mongo:
    ports:
      - "27017:27017"
  blackfire:
    platform: linux/arm64
    environment:
      BLACKFIRE_DISABLE_LEGACY_PORT: true
  mailcatcher:
    platform: linux/arm64
    build:
      context: Dockerfiles/mailtcatcher
    image: elinvo/mailcatcher:arm64
  mock-server-ed:
    platform: linux/arm64
    build:
      context: Dockerfiles/mockserver
    image: elinvo/mockserver:arm64

---
#Dockerfiles/mockserver/Dockerfile
FROM alpine as build
RUN apk add --update openssl ca-certificates bash wget
ARG REPOSITORY=releases
ARG VERSION=RELEASE
ARG REPOSITORY_URL=https://oss.sonatype.org/service/local/artifact/maven/redirect?r=${REPOSITORY}&g=org.mock-server&a=mockserver-netty&c=jar-with-dependencies&e=jar&v=${VERSION}
RUN wget --max-redirect=10 -O mockserver-netty-jar-with-dependencies.jar "$REPOSITORY_URL"
FROM openjdk:11
EXPOSE 1080
COPY --from=build mockserver-netty-jar-with-dependencies.jar /
ENTRYPOINT ["java", "-Dfile.encoding=UTF-8", "-cp", "/mockserver-netty-jar-with-dependencies.jar:/libs/*", "-Dmockserver.propertyFile=/config/mockserver.properties", "org.mockserver.cli.Main"]
CMD ["-serverPort", "1080"]

---
#DDockerfiles/mailtcatcher/Dockerfile
FROM ruby:2.4-alpine3.6

LABEL maintainer="Johannes Schickling <schickling.j@gmail.com>"

RUN set -xe \
    && apk add --no-cache \
        libstdc++ \
        sqlite-libs \
    && apk add --no-cache --virtual .build-deps \
        build-base \
        sqlite-dev \
    && gem install mailcatcher -v 0.8.0 --no-ri --no-rdoc \
    && apk del .build-deps

ENV HTTPPATH="/"
EXPOSE 1025
EXPOSE 1080
CMD ["sh", "-c", "mailcatcher --no-quit --foreground --ip=0.0.0.0 --http-path $HTTPPATH"]

Install Bat

https://www.linode.com/docs/guides/how-to-install-and-use-the-bat-command-on-linux

Install MesloLGS Patched Fonts source

Note: It is possible to use ~/.local/share/fonts instead of ~/.fonts.

#/bin/bash

echo "[-] Installing dependencies [-]"
sudo apt install fontconfig -y
sudo mkdir -p ~/.local/share/fonts

cd /tmp

echo "[-] Download fonts [-]"
echo "Downloading MesloLGS NF Regular ..."
wget -c https://github.com/romkatv/powerlevel10k-media/raw/master/MesloLGS%20NF%20Regular.ttf -O MesloLGSNFRegular.ttf
echo "Downloading MesloLGS NF Bold ..."
wget -c https://github.com/romkatv/powerlevel10k-media/raw/master/MesloLGS%20NF%20Bold.ttf -O MesloLGSNFBold.ttf
echo "Downloading MesloLGS NF Italic ..."
wget -c https://github.com/romkatv/powerlevel10k-media/raw/master/MesloLGS%20NF%20Italic.ttf -O MesloLGSNFItalic.ttf
echo "Downloading MesloLGS NF Bold Italic ..."
wget -c https://github.com/romkatv/powerlevel10k-media/raw/master/MesloLGS%20NF%20Bold%20Italic.ttf -O MesloLGSNFBoldItalic.ttf

sudo cp MesloLGSNFRegular.ttf ~/.local/share/fonts/
sudo cp MesloLGSNFBold.ttf ~/.local/share/fonts/
sudo cp MesloLGSNFItalic.ttf ~/.local/share/fonts/
sudo cp MesloLGSNFBoldItalic.ttf ~/.local/share/fonts/

sudo fc-cache -fv
echo "Done installing MesloLGS Patched Fonts!"
#/bin/bash

echo "[-] Installing Docker Engine [-]"
sudo apt remove docker docker-engine docker.io containerd runc
sudo apt update
sudo apt install ca-certificates curl gnupg lsb-release

sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y

echo "[-] Setting up groups & permisssions [-]"
sudo groupadd docker
sudo usermod -aG docker $USER
newgrp docker

sudo chown "$USER":"$USER" /home/"$USER"/.docker -R
sudo chmod g+rwx "$HOME/.docker" -R

echo "[-] Configure Docker to start on boot with systemd [-]"
sudo systemctl enable docker.service
sudo systemctl enable containerd.service

echo "[-] Installing Docker Compose [-]"
DOCKER_CONFIG=${DOCKER_CONFIG:-$HOME/.docker}
sudo mkdir -p $DOCKER_CONFIG/cli-plugins
sudo curl -SL https://github.com/docker/compose/releases/download/v2.14.2/docker-compose-linux-x86_64 -o $DOCKER_CONFIG/cli-plugins/docker-compose
sudo chmod +x $DOCKER_CONFIG/cli-plugins/docker-compose
docker compose version
 
echo "Done installing Docker and Docker Compose!"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment