配置Ubuntu server + Openbox (Obuntu)

这是一个从别处得到的脚本，用于创建超洁净的系统。我安装自己的习惯使用了其中一些部分，用于创建使用 Openbox 窗口系统的简洁系统。

常用 Obuntu 软件

sudo apt-get --no-install-recommends install pkg # 不安装推荐软件

文件管理器/搜索/查重/磁盘分析/磁盘分区 thunar catfish fdupes/dupeguru_pe baobab cfdisk
系统监控 htop bmon(网络)
系统服务管理 sysv-rc-conf setup
脑图 freeplane(支持 latex) docear(学术型，基于 freeplane) Xmind
备份工具 luckybackup
输入法 fcitx-sogoupinyin fcitx-ui-classic
邮件 mutt msmtp claws-mail
画图 mtpaint
看图 gpicview mirage gv dia gthumb
记事本 leafpad
压缩/解压 unar (good!) zip unzip rar unrar p7zip p7zip-full p7zip-rar file-roller archivemount
PDF mupdf pdftoipe xournal pdftk Inkscape
RSS newsbeuter
音乐播放器 mocp audacious
面板 tint2
终端 tilda terminator
壁纸 feh
截屏 scrot
命令提示 bash-completion command-not-found
打开 Num Lock 键 numlockx
剪贴板 clipit xsel
读取图片中的数据点 engauge-digitizer
镜像整个网站 httrack webhttrack
制作视频 openshot kazam
RDP/VNC 桌面共享 remmina
分叉分析 xppaut/matcont(matlab)
终端版网页浏览器 w3m-img(配合 xterm 可看图片)/links2(不支持中文)
终端 BT 软件 rTorrent
内网穿透/代理 n2n ngrok tinyproxy tsocks proxychains polipo/privoxy(socks5 to http) mitmproxy(抓包, 可采用 postman 重放 HTTP 请求)
数据库 sqlite sqliteman squirrel-sql(java gui client) mycli(python 包 MySQL 客户端)
Latex texstudio/gummi
摄像头 cheese
CPU 消耗测试 stress
网络可视化 gephi
帮助文档 tldr devhelp assistant-qt4 zeal
Markdown remarkable
全文索引 xapian-omega xapian-tools recoll
数据分析工具 VisIt(3D 可视化)
效率 autojump

安装 UBUNTU 基本系统

安装基本的命令行系统，选英文。装好重启后马上把系统 tar 备份(只有 186M)，下次重装 1 分钟就可以解压

我并未自动执行此脚本，而是选择修改其中一部分手动执行。

#!/bin/bash #联网----------->卸载 DHCP、配置拨号、解决掉线、网络接口
sudo apt-get -y purge isc-dhcp-client && sudo pppoeconf && sudo pon dsl-provider && sudo /etc/init.d/networking restart
sudo sed -e 's/interval 30/interval 300000/' -e 's/failure 4/failure 40000/' -i /etc/ppp/options
sudo sed -e '/auto eth0/s/^/#&/' -e '/dhcp/s/^/#/' -i /etc/network/interfaces
sudo sed -e '/192.168/s/^/#&/' -e '/dhcp/s/^/#/' -i /etc/resolv.conf

#加速----------->取消开机配置网络等待 60 秒
sudo sed -e 's/sleep 20/sleep 0/' -e 's/sleep 40/sleep 0/' -e 's/sleep 59/sleep 0/' -e 's/sleep 1/sleep 0/' -i /etc/init/failsafe.conf

# or change the dhcp wait time

sudo sed -e 's/^timeout 300;$/timeout 20;/' -i /etc/dhcp/dhclient.conf

#时间----------->设置地区、同步时间、写入硬件
sudo rm /etc/localtime && sudo ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && sudo ntpdate-debian && sudo hwclock -w

#启用所有 Sysrq 指令，内存泄露时使用 Alt-Sysrq/[Fn-PrintScreen]-F 调起 OOM Killer
sudo sed -i "s#.\*kernel.sysrq=0#kernel.sysrq=1#" /etc/sysctl.conf

#换源----------->网易源http://mirrors.163.com/
sudo wget http://ubuntuone.com/4CaJOYzm68pPmTJOwhwRRb -O /etc/apt/sources.list && sudo apt-get update

#公钥----------->extras.ubuntu.com precise Release:没有公钥无法验证签名：16126D3A3E5C1192
sudo gpg --keyserver subkeys.pgp.net --recv 16126D3A3E5C1192 && sudo gpg --export --armor 16126D3A3E5C1192 | sudo apt-key add -
#gpg --keyserver subkeys.pgp.net --recv 16126D3A3E5C1192 && gpg --export --armor 16126D3A3E5C1192 | sudo apt-key add -
sudo apt-get update

# maybe disable the whole cloud things

sudo touch /etc/cloud/cloud-init.disabled

#调包----------->从 U 盘还原软件包
#sudo tar zxvf /mnt/back/deb.tgz -C /

#中文----------->中文包、输入法、字体、Local
sudo sed -e '$a\LANG="zh_CN.UTF-8"' -e '$a\LANGUAGE="zh_CN:zh:en_US:en"' -i /etc/environment
sudo sed -n -e '1 i\LANG="zh_CN.UTF-8"' -e 'a\LANGUAGE="zh_CN:zh:en_US:en"' -i /etc/default/locale
sudo sed '1 i\zh_CN.UTF-8 UTF-8' -i /var/lib/locales/supported.d/local
sudo apt-get install language-pack-zh-hans fcitx ttf-wqy-microhei && fc-cache -fv && sudo locale-gen

# 可能需要使用以下命令勾选未选择的语言包

#sudo dpkg-reconfigure locales

#图形----------->X 环境+显卡驱动+openbox 套件
sudo apt-get install xorg xserver-xorg-legacy nvidia-current openbox tint2 tilda feh scrot thunar gigolo lxappearance cairo-dock

#声音----------->ALSA+[obmixer+pavucontrol]<---------面板音量控制
sudo apt-get install alsa pavucontrol && sudo gpasswd -a $USER audio && alsamixer
wget http://jpegserv.com/linux/obmixer/obmix ... 1_i386.deb && sudo dpkg -i o*deb && rm o*deb

#摄像头/音频工作组
sudo adduser $USER video
sudo adduser $USER audio

# or

sudo usermod -aG video,audio $USER

# active your group

exec su -l $USER

#文件管理器、自动挂载及文件系统支持
sudo apt-get install thunar thunar-volman udisk2 gvfs policykit-1 #需要先启动 thunar-volman
sudo sed -e 's/any>no/any>yes/' -e 's/auth_admin_keep/yes/' -e 's/auth_admin/yes/' -i /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy
sudo sed -e 's/any>no/any>yes/' -e 's/auth_admin_keep/yes/' -e 's/auth_admin/yes/' -i /usr/share/polkit-1/actions/org.freedesktop.policykit.policy
sudo sed -i 's/#TMPTIME=0/TMPTIME=60/' /etc/default/rcS #重启时只清除 60 天前的文件

#增加 Inotify 可监视的文件数量
echo 'fs.inotify.max_user_watches = 524288' |sudo tee -a /etc/sysctl.conf && sudo sysctl -p --system

#Apport 错误报警没啥用，禁用掉
sudo systemctl disable apport.service && sudo systemctl mask apport.service

#小红帽灵敏度设置
device_path=$(find /sys/devices/platform/i8042 -name name | xargs grep -Fl TrackPoint | sed 's/\/input\/input[0-9]*\/name$//')
#echo 225 | sudo tee $device_path/sensitivity
echo 225 | sudo tee $device_path/speed
echo "SUBSYSTEM==\"serio\", DRIVERS==\"psmouse\", WAIT_FOR=\"$device_path/sensitivity\", ATTR{sensitivity}=\"225\", ATTR{speed}=\"225\"" | sudo tee /etc/udev/rules.d/80-trackpoint.rules
#sudo udevadm control --reload-rules
#sudo udevadm trigger

#登录----------->tty1 自动登录
echo -e '#!/bin/bash \n/bin/login -f nick' > autologin && chmod +x autologin && sudo cp autologin /usr/bin/autologin && rm autologin
sudo sed '$d' -i /etc/init/tty1.conf && sudo sed '$a\exec /sbin/getty -n -l /usr/bin/autologin 38400 tty1' -i /etc/init/tty1.conf

#引导----------->设置启动选项、启用 framebuffer、终端分辨率
sudo sed -e 's/=10/=2/' -e 's/quiet splash/text/' -e 's/""/"vga=792"/' -e '/640x480/s/#//' -e 's/640x480/1204x768/' -i /etc/default/grub
sudo update-grub

#配置----------->家目录配置文件
#tar zxvf /mnt/back/conf.home.tgz -C ~/
wget http://ubuntuone.com/2n2bkjQZUcgA3YPXPhv2kR -O conf.home.tgz && tar zxvf *home.tgz -C ~/ && rm *home.tgz

#化蝶
#wget http://ubuntuone.com/933bu8H9H4B7S2O97GP6U15zN6dswtE -O goa.zip && unzip goa.zip && rm goa.zip
#swap----------->创建大小为 1G 的文件用于 swap，文件名 swapfile，路径/
#sudo dd if=/dev/zero of=/swapfile bs=1M count=1024 && sudo chmod 600 /swapfile && sudo mkswap /swapfile
#sudo sed -i '$a\/swapfile swap swap defaults 0 0' /etc/fstab

#重启
sudo reboot

Configuration

Basic commands for configure a user

# add a user
sudo adduser --quiet \
    --home /home/${UserName} \
    --shell /bin/bash \
    --uid 10${IDSuffix} \
    ${UserName}

# or following low-level
sudo useradd -U -m \
    -G docker,users \
    -k UMASK=077 \
    -u 10${IDSuffix} \
    -p "$(echo PASSWORD4U|makepasswd --clearfrom=- --crypt-md5 | awk '{print $2}')"
    -s /bin/bash ${UserName}

# add a samba user
echo -e 'PASSWORD4U\nPASSWORD4U\n' | sudo smbpasswd -a -s ${UserName}

To grant the sudo permission to all wheel or sudo group user, use command sudoedit /etc/sudoers and then modify as follow:

# Comment-out following two lines for `sudo` not asking for root password
#Defaults targetpw   
#ALL   ALL=(ALL) ALL

# Grant users in wheel group ("%whell") on all host(1st "ALL") run all command (last "All") as any user (second "ALL")
%wheel ALL=(ALL) ALL

# Grant users in groupA permission to run `sudo -u userB /path/to/excutatble.bin` without password.
%groupA ALL=(userB) NOPASSWD:/path/to/excutatble.bin,/another/excutatble.bin

To be noticed, by appending line AllowGroups wheel to file /etc/ssh/sshd_config, only user belong to wheel group is allowed to ssh into the host OS.

Configure a DNS record

The default port of dnsmasq service is $HOST_IP:${DNS_PORT-53}.

#setup the upper dns server
sudo sed -i 's/^server=.*/server=192.168.1.1/' /etc/dnsmasq.conf

# configure all `*.uorz.me` will have IP `192.168.1.8`
echo 'address=/uorz.me/192.168.1.8' | sudo tee -a /etc/dnsmasq.d/uorz.conf

# restart dns service
sudo systemctl restart dnsmasq

In some case the dnsmasq service removed systemd-resolved.service somehow after reboot. Add NETCONFIG_DNS_STATIC_SEARCHLIST="corp.dns.com corp2.dns.com" to the /etc/sysconfig/network/config and then sudo netconfig update -f to configure the search domain manually.

Now try dig @${HOST_IP} ip.uorz.me to see whether the DNS is return the IP correctly.

BTW, There is a python2 script dnsproxy.py as dnsmasq alternative which show how DNS works. Using echo 192.168.1.8 *.uorz.me > myhosts && sudo python2 dnsproxy.py -f ./myhosts -s 192.168.1.1 -H 0.0.0.0 -p 53 to start the service (-s represent the upper stream DNS server).

Use the DNS on windows desktop

Open your network connection configuration and change the properties of Internet Protocol Version 4 (TCP/IPv4). Replace the Alternate DNS Server from 8.8.8.8 to 192.168.1.8 or your own host DNS server.

Another way to configure the DNS is by setup the domain-IP relationship directly in file C:\Windows\System32\drivers\etc\hosts by appending a new line like 192.168.1.8 xxx.uorz.me.

Use the DNS on Linux

Most Linux system might have systemd-resolved as the default system internal DNS server. First use command ipconfig /all in windows CMD to find out needed information on upstream DNS configuration.

Then edit the file /etc/systemd/resolved.conf to configure the upper stream DNS server and search domain(the DNS suffix) as following:

[Resolve]
DNS=192.168.1.1
Domains=~. corp.dns.com corp2.dns.com

Then restart related service with sudo systemctl daemon-reload && sudo systemctl restart systemd-resolved.service. The configuration will be transcript into /run/systemd/resolve/stub-resolv.conf and finally linked to /etc/resolve.conf.

Multiple DNS server

The systemd-resolved will default listen on 172.0.0.53:53 and is the only DNS provider in default. To use multiple DNS server at the same time, we have to change the symlink file /etc/resolve.conf into a normal file with extra DNS server configuration.

See following example:

sudo mv /etc/resolve.conf /etc/resolve.conf.bak
sudo tee /etc/resolve.conf  <<EOF
# the systemd-resoved DNS stub service
nameserver 127.0.0.53
# the configurated dnsmasq service
nameserver 192.168.1.8
# search option for appending domain suffix automatically
search corp.dns.com corp2.dns.com
EOF

Samba/NFS server

The host samba system have following configuration:

[global]
	workgroup = UORZ
	netbios name = UORZ
	passdb backend = tdbsam
	printing = cups
	printcap name = cups
	printcap cache time = 750
	cups options = raw
	map to guest = Bad User
	logon path = \\%L\profiles\.msprofile
	logon home = \\%L\%U\.9xprofile
	logon drive = P:
	usershare allow guests = Yes

[homes]
	comment = Home Directories
	valid users = %S, %D%w%S
	browseable = Yes
	read only = No
	inherit acls = Yes
	create mask = 0755
	directory mask = 0755

[Public]
	comment = Public shared folder
	path = /media/Public
	browseable = Yes
	read only = No
	inherit acls = Yes
	force group = users
	create mask = 0775
	directory mask = 0775

Windows samba client

For shared folder between the server and our desktop.

net use X: \\192.168.1.8\Public /user:UORZ\%YOUR_USER_NAME%

net use X: /delete

Linux samba client

We need to use samba client version 1.0 (vers=1.0) to enable the Unix extension as SMB 2.0+ do not have such feature yet.

# setup mount point
cat > /lib/systemd/system/home-${UserName}.mount <<EOF
[Unit]
Description=Home for ${UserName}

[Mount]
What=//192.168.1.8/${UserName}
Where=/home/${UserName}
Options=rw,username=${UserName},password=${Password-PASSWORD4U},uid=10${IDSuffix},gid=10${IDSuffix},domain=UORZ,vers=1.0
Type=cifs

[Install]
WantedBy=multi-user.target
EOF

# setup the automount
cat > /lib/systemd/system/home-${UserName}.automount <<EOF
[Unit]
Description=HOME

[Automount]
Where=/home/${UserName}

[Install]
WantedBy=multi-user.target
EOF

# enable the automount service
systemctl enable home-${UserName}.automount

Conda

Use following commands to use self hosted conda proxy:

CONDA_CHANNEL_ALIAS=http://conda.proxy/conda/

# create a new environment with only specified channel
conda create --prefix $CONDA_DIR/envs/${Name:-idp37} -k --override-channels -c ${CONDA_CHANNEL_ALIAS}/${CHANNEL:-intel} intelpython3_core python=3.7

# enter/exit the environment
source activate idp37
conda deactivate

# python get package search path with `site` module.
# Place `*.pth` file to append search path
echo $CONDA_DIR/lib/python3.7/site-packages >> $CONDA_DIR/envs/idp37/lib/python3.7/site-packages/fallback.pth

# register Jupyter kernel
cp -r $CONDA_DIR/share/jupyter/kernels/{python3,idp37}
cat >> $CONDA_DIR/share/jupyter/kernels/idp37/kernel.json <<EOF
{
 "argv": [
  "/opt/conda/envs/idp37/bin/python",
  "-m",
  "ipykernel_launcher",
  "-f",
  "{connection_file}"
 ],
 "display_name": "Intel Python 3",
 "language": "python"
}
EOF
#jupyter kernelspec install --name ${Name:-idp37} --prefix=$CONDA_DIR ${Name:-idp37}

# extra conda commands
conda env list # show aviable conda environment
conda config --show channels # this will read `~/.condarc` and `$CONDA_DIR/.condarc`
conda env remove -n ${Name:-idp37} # this will remove the env folder under `~/.conda/envs`
conda clean -a # clean downloaded pkgs under `$CONDA_DIR/pkgs`

Pip

Pure Pip

On OS with network, use command pip download --only-binary=:none: --prefer-binary --trusted-host pypi.org -i https://pypi.org/simple --progress-bar on --dest ${DEST_PATH-downloads} ${PIP_PKG_NAME} to download all required pip packages.
Inside restricted network, use command pip install --no-index --find-links=${DEST_PATH-downloads} ${PIP_PKG_NAME} to install the package from local directory.

Pip Cache server

Use python-pypi-mirror to create a pip mirror.

 pip install python-pypi-mirror
 pypi-mirror download -d ${DEST_PATH-downloads} ${PIP_PKG_NAME}
 pypi-mirror create -d ${DEST_PATH-downloads} -m simple

Inside restricted network, place the simple directory under a web server or create one using python3 -m http.server ${PORT-8000}.
Install with normal pip command like pip install -i http://${IP-127.0.0.1}:${PORT-8000}/simple ${PIP_PKG_NAME}.

注意

调用 xev 命令查看键位

重新安装 xorg

sudo apt-get remove --purge xserver-xorg-video-ati xserver-xorg-video-radeon
sudo apt-get install xserver-xorg-video-ati xserver-xorg-video-radeon
sudo apt-get install --reinstall libgl1-mesa-glx libgl1-mesa-dri xserver-xorg-core
sudo dpkg-reconfigure xserver-xorg

To fix Gtk-WARNING ... "murrine" warning, sudo apt install gtk2-engines-murrine
Trust exported root CA to avoid SSL validation error: sudo cp exported-cert.cer /usr/local/share/ca-certificates/exported-cert.crt && sudo dpkg-reconfigure ca-certificates or env CURL_CA_BUNDLE=/path/to/exported-cert.crt command every time.

图解 Openbox 配置文件

/
├────/home/nick/
│ │
│ ├──── .xinitrc
│ │ │
│ │ │X 启动呼叫 openbox 会话
│ │ │exec ck-launch-session dbus-launch --sh-syntax --exit-with-session openbox-session
│ │
│ ├──── .xserverrc
│ │ │
│ │ │ 指定 X 服务器
│ │ │exec /usr/bin/X :0
│ │
│ ├──── .wallpaper
│ │ │
│ │ ├────wallpaper_conf
│ │ │ │
│ │ │ └────wallpaper.sh
│ │ │ │
│ │ │ │ 随机壁纸脚本内容
│ │ │ │#!/bin/bash
│ │ │ │WALLPAPERS="$HOME/.wallpaper/wallpapers"
│	│ 	│				│ALIST=( `ls -w1 $WALLPAPERS` )
│	│ 	│				│RANGE=${#ALIST[*]}
│ │ │ │SHOW=$(( $RANDOM % $RANGE ))
│	│ 	│				│feh --bg-scale $WALLPAPERS/${ALIST[$SHOW]}
│ │ │
│ │ └────wallpapers
│ │ │
│ │ └──── 喜欢的壁纸扔到里面
│ │
│ ├──── .config
│ │ │
│ │ └────openbox
│ │ │
│ │ ├────menu.xml
│ │ │ │
│ │ │ │Openbox 右键菜单
│ │ │
│ │ ├────rc.xml
│ │ │ │
│ │ │ │Openbox 键绑定、桌面名和窗口行为
│ │ │
│ │ ├────autostart.sh
│ │ │ │
│ │ │ │Openbox 会话内容
│ │ │ │./.wallpaper/wallpaper_conf/wallpaper.sh
│ │ │ │tint2 &
│ │ │ │(sleep 0.03 && cairo-dock) &
│ │ │ │(sleep 1.50 && fcitx) &
│ │ │ │(sleep 1.90 && obmixer) &
│ │ │ │(sleep 1.91 && tilda) &
│ │ │
│ │ └────environment
│ │ │
│ │ │Openbox 环境变量
│ │ │export LANG=zh_CN.UTF-8
│ │ │export LANGUAGE=zh_CN:zh
│ │ │export XMODIFIERS=@im=fcitx
│ │ │export GTK_IM_MODULE=fcitx
│ │ │export QT_IM_MODULE=fcitx
│ │
│ └──── .profile
│ │
│ │tty1 登录时自动 startx，加上以下几句
│ │#auto startx
│ │if [ -z "$DISPLAY" ] && [ $(tty) == /dev/tty1 ]; then
│ │ startx
│ │fi
│
├────/usr/bin/autologin
│ │
│ │tty1 不输密码、自动登录，创建 autologin 放到/usr/bin/
│ │#!/bin/bash
│ │/bin/login -f nick
│
├────/etc/init/tty1.conf
│ │
│ │tty1 不输密码、自动登录，让 tty1.conf 执行 autologin
│ │ 找到这行：exec /sbin/getty 38400 tty1 换成下面这行
│ │exec /sbin/getty -n -l /usr/bin/autologin 38400 tty1
│ │
├────/etc/default/grub
│ │
│ │ 编辑 GRUB2，开机自动进 tty1
│ │ 找到这行：GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"换成下面这行
│ │GRUB_CMDLINE_LINUX_DEFAULT="text"
│
├────/etc/environment
│ │
│ │ 设置中文环境
│ │PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games"
│ │LANG="zh_CN.UTF-8"
│ │LANGUAGE="zh_CN:zh:en_US:en"
│
├────/etc/default/locale
│ │
│ │ 设置中文环境
│ │LANG="zh_CN.UTF-8"
│ │LANGUAGE="zh_CN:zh:en_US:en"
│
└────/var/lib/locales/supported.d/local
│
│ 设置中文环境
│zh_CN.UTF-8 UTF-8
│en_US.UTF-8 UTF-8

Linux 34

Ubuntu 9

hg 1

git 2

GSL 1

SSH 4

TeX 1

Code::Blocks 1

Makefile 2

Matlab 3

花生壳 1

grub 1

stardict 1

Windows 3

VirtualBox 1

R 18

Kubuntu 2

Telnet 1

C++ 7

SSE 1

VPN 1

pptpd 1

WordPress 2

Firefox 1

Shell 4

C 1

printf 1

ggplot 2

cygwin 1

cgroup 1

CUDA 3

NTP 1

Server 1

VNC 1

qtiplot 1

mime 1

openbox 1

Grub 1

RCurl 1

IPV6 1

不务正业 1

cgroups 1

ulimit 1

Freetype 1

Gnuplot 2

LibGD 1

GCC 1

libtorrent 1

rtorrent 1

OS 2

awk 1

tips 3

Project Euler 11

Nvidia 1

QT 1

VS2010 1

phpcloud 1

RSS 1

TTRSS 1

crontab 1

alsa 1

capture 1

autofs 1

NIS 1

Samba 1

Apache 1

texmacs 1

ifuse 1

Ipod 1

rsync 1

Jekyll 1

Markdown 2

C/C++ 2

Vim 1

Vimperator 1

firefox 1

Openbox 1

Ubuntu server 1

Obuntu 1

Ipython 1