The history of creating a home cloud. Part 1. Setting up your Debian environment for everyday use

  • Tutorial
Once upon a time, in 2011, I came to the hub with the article “ Debian Server for a novice ”, which was a systematization of various information and its presentation in an up-to-date and efficient form. This article is also positioned as reference material for a novice or regular Linux user, a little of my contribution to the popularization of Linux. In fact, all I will write about is a detailed instruction for installing and configuring the Nextcloud home cloud service from scratch.



The created virtual machine with Nextcloud worked since March 2017 with virtually no glitches and in the fall of 2017 I thought about the article. I still have a lot of notes and comments regarding the solution of various problems and nuances, for a long time I had the idea to bring it all in order and publish and the New Year holidays of 2018 helped me in this. I must say that the article was at least six months late, but I think that installing and configuring the current versions of Debian and Nextcloud, by analogy with the information below, will not be difficult, although, as you know, the devil is in the details.
Below, the reader will get acquainted with the prerequisites for creating his cloud and get working instructions on how to start Debian, easy tuning the Gnome3 environment, compiling, building and installing packages for Debian, installing and configuring Apache, SQL and PHP services and getting started, generating and connecting a self-signed SSL certificate for Apache virtual host, installation and configuration of Nextcloud. I did not design this article as a technical manual or tutorial with a long string of teams, but decided to try to write the article as a story, but without prejudice to the technical component. Experienced Linux users are unlikely to find anything new here, but they may be able to read it as a thematic story in the minute of their free time.



Table of contents


Part 1. Setting up the Debian environment for everyday use
Part 2. Creating a server - setting up LAMP in Debian
Part 3. Creating a personal cloud - installing and configuring Nextcloud Part 4. Updating
2018 - Debian 9 and Nextcloud 13



Fast chapter navigation


Preface
Problem statement
Creation and basic configuration of a virtual machine
Control panel
settings Configuring BASH
Configuring repositories
Updating the operating system
Installing
software
Configuring gnome
Configuring a network
Configuring a firewall
Installing vmware-tools 10.0.10 in a Debian environment 8.7.1
Assembling, installing, and setting up notepadqq
Build and Install Double Commander



Foreword


Our story begins at the end of 2015, when I purchased a new smartphone. The Motorola Droid Turbo turned out to be a productive device, with large memory, a QHD display with an acceptable (relatively small) diagonal, a capacious battery and practically clean Android on board, which in my eyes has always been an undoubted plus. The back panel trim with ballistic nylon gives it a peculiar style, standing out against the background of the devices of the “remnant” era. The long-familiar gestures of turning on a flashlight or shaking the camera with a quick wave of the phone seem to surprise no one, but Motorola will remain forever in history as a pioneer with the impeccable implementation of such functionality - I’m so used to gestures that I don’t even know where the camera icon is. In general, you already understood that I like the phone all is good and I still love it, except for one annoying moment - all the phone’s memory is wired inside it. And in order to lose our precious 64 gigabytes (there is actually less user data), you just need to stumble so that the phone falls out of hand and “successfully” falls. Although on some day he may simply not turn on. Or one day they can steal it trite.

All computer users are divided into two groups - those who make backups and those who still do not. I moved from the second group to the first fifteen years ago. At least on the first phone, the reservation was thought out as follows. All applications with their settings were automatically backed up daily via Titanium Backup to an SD card. SambaDroid was installed on the phone, which was configured in such a way as to share the phone’s SD card only when it was connected to a network with a specific SSID. As you might guess, this only happened when the phone was connected to a Wi-Fi router in my home. BitTorrent Sync was periodically launched on the computer, which, just in case, was locked through a firewall in the local network (activity was allowed only at local addresses), and when a shared card is detected, it synchronizes its contents with a folder on the computer. In the event of a phone breakdown, you could just pull out the SD card with data. In any other case, there is always a backup of the memory card on the computer. If the computer crashes on the same day, there is a cold backup of the data disk located in another house. The sleep is calm, healthy, strong, so the hands do not shake from tension and, as a result, the phone never falls.

What to do with this new phone? Applications are also backup via Titanium Backup. But the SD card cannot be pulled out, and SambaDroid, which worked perfectly on Android 2.x on the 4/5/6 line, behaves unstably, and after a while I refused BitTorrent Sync. Surely one could find a similar solution, but I caught fire with a universal cloud solution. It would seem that the conclusion is obvious and obvious - there is Google Drive and a bunch of applications that synchronize the specified data with the cloud, providing (in theory) End-to-End encryption. But ... with this approach, this article would never have been written! Moreover, the author in 2018 is not even going to connect a Google account to the phone and even more so does not think about synchronizing the photos of her cats with any other services. Yes, I have paranoia, distrust of corporations,

While I was thinking about something to be done in terms of correcting this situation, the whole of 2016 passed and I realized that now, right now, we really need to take care of this problem. I wanted to do everything beautifully, with an eye to the future, to universality, reliability and, of course, automatism. Since I actively do not accept too much and intrusive participation of corporations in my personal life, it was decided to try to create my own personal cloud on the local network using my ownCloud.
Quote from Wikipedia:
ownCloud is a free and open web application for data synchronization, file sharing and remote storage of documents in the cloud. ownCloud is written in the programming languages ​​PHP and JavaScript. ownCloud works with SQLite, MariaDB, MySQL, Oracle Database and PostgreSQL databases, and runs on Linux-based servers, including Raspberry Pi. The development of ownCloud was launched by one of the KDE developers, Frank Carlitschek, in January 2010. He sought to create a free alternative to commercial cloud storage services. In contrast, ownCloud can be installed on your own server at no extra cost.

Features:
- File storage using conventional directory structures, or using WebDAV
- Cryptography
- Synchronization between clients running Windows (Windows XP, Vista, 7 and 8), Mac OS X (10.6 and later) or Linux
- Calendar (also like CalDAV)
- Task Scheduler
- Address Book (also like CardDAV)
- Streaming media ( used by Ampache)
- Administration of users and groups (using OpenID or LDAP)
- Sharing content between groups or using public URLs
- An online text editor with syntax highlighting and folding. Support for online versions of LibreOffice editors announced.
- Bookmarks
- URL reduction mechanism
- Photo gallery
- PDF viewer (using PDF.js)
- ODF file viewer (.odt, .odp, .ods)
- Logging module

In terms of functionality, we see a full-fledged cloud that can spin on ... yes, that computer! With severe paranoia, the activity of the service can be locked inside the local network through a firewall.

I already had some links to the material on installing and configuring my ownCloud, but when I started to deal with it, I found that in 2016 the main developer of ownCloud (Frank Karlichek) left the company and announced the creation of a fork - Nextcloud. Unlike ownCloud, which is paid under certain conditions, Nextcloud is completely free. Considering that the work on the new fork was led by Frank Karlichek, who has extensive experience in similar development, I decided to choose Nextcloud. At the beginning of 2017, the current version of Nextcloud was version 11.0.2, and its installation and configuration will be described below. As of January 2018, the current version is 12.0.4, but, I think, there should not be any fundamental differences in the installation and configuration.



Formulation of the problem


At first, everything seemed simple and I could not even imagine that sitting “a couple of days off” would stretch for two, two and a half interesting months. Often he red-eyed at night and asked smart and not-so-very questions on thematic forums. My advice to beginners - if you want to do something, do not be alarmed by the amount of work and do it. The main thing is to get at least something for the first time. The way it even works crookedly. You can do it without understanding, like a monkey, to copy a long series of commands, often reaching the place where something fails and nothing happens. Maybe a mistake was made earlier, maybe a typo in the command, maybe the author skipped a line of code / command in his manual, maybe the OS release in the example is different and it won’t work on yours, maybe the libraries are not the same - you never know what else ! But when something works out you will be surprised to say:

So, you need to decide what exactly needs to be done. There are a couple of phones that need to be connected to the cloud. In addition, I would also like to connect a computer to it - the amount of disk space in the cloud now depends only on my desire and I do not need to constantly pay extra for 10/20/30 gigabytes - I can just buy a hard drive for a couple of terabytes. The central link in the home network is the Wi-Fi router — phones, via Wi-Fi, a computer and another computer that acts as an inadvertent “server” are connected to it: the computer was originally built for the tasks of a failed HTPCand now it just runs virtualization software from VMWare. VMWare Workstation has its own virtual router, to which so far only one virtual machine with an FTP server is connected. The solution suggests itself - to create and connect another virtual machine, through the network settings of VMWare, forward ports 80 (HTTP) or 443 (HTTPS) to it. The solution is modular and elegant in the sense that an absolutely hardware-independent and once configured virtual machine can be easily deployed anywhere, on any ordinary computer.





Creation and basic setup of a virtual machine


Nextcloud - quite roughly, this is a site that runs on a web server. As the web server I chose LAMP = Linux + Apache + MySQL + PHP. This means that all this needs to be installed and configured. And for it to work correctly, you need to understand what to install and how to configure.

I only encounter Linux periodically and this is more of a hobby than a necessity. But since I was aiming at universality, this time I decided to divide all the work into three logical parts, each of which should end with a well-defined and universal result. First you need to make yourself a comfortable working environment, that is, not just install the system on a virtual machine, but configure it for yourself, bring it closer to the look that is more convenient and familiar to me. The second step is to bring this machine to a functioning web server. The third is turning the web server into a cloud.

Debian 8.7.1 was chosen as the operating system. A virtual machine is created in VMWare Workstation, which is allocated one dual-stream processor, two gigabytes of RAM and a 120 gigabyte hard drive. The network card operating mode is NAT. Download the ISO image of the operating system for amd64 architecture . After downloading, connect the image to the virtual drive and start the virtual machine. Installing the operating system is quite commonplace and it can be done even without murzilka, which abound on the Internet. Gnome3 was chosen as a graphical environment, and Standard System utilities and Print Server were installed. The hard disk during installation is divided into two sections - a common partition (/, / home, / usr, etc.) and swap. The newly created user is called neutral "user".

Immediately after installation, the user is shown an empty desktop. Nautilus file manager - such as Windows Explorer, never understood why they use it. The application menu does not shine with its structuring. NumLock is always disconnected after loading. From nano or vi text editors, a novice linuxoid is generally discouraged. It is necessary to somehow correct all this. The following is a self-described system description. They don’t argue about tastes: someone will like it, someone will not. I note that without overcoming the difficulties of professional growth there will be no and the more you delve into something - the more you understand how it works.



Control Panel Settings


I'm used to switching the keyboard layout with the CTRL and SHIFT buttons. The keyboard driver may have been to blame for this since MS DOS 6.22, but now what to do is the habit of second nature. In addition, I do not want the virtual machine to fall asleep or turn off the screen, and I do not want to enter a password after each start.

An elementary initial setup of the environment is done in the control panel:

- Language and region → Add Russian to input sources.
- Keyboard → Key combinations → Enter → The modifier key switches the input sources → Assign the language switch button Ctrl + Shift (if it is impossible to establish such a combination, skip this step, set it in the “Configuring gnome” section below).
- Keyboard → Key combinations → Additional combinations → Add a new item with the name “Terminal” and the command “x-terminal-emulator”. After adding, click on the inscription “Off” and enter the combination of two keys: Super (Win) + t.
- Monitors → Set the screen resolution to the current display, since the default is uncomfortable 800x600.
- Power → OFF Turns off the display.
- Details → Removable media → OFF Autorun when connecting media.
- Users → ON automatic access for user user.



BASH Setting


The next important step is to configure the terminal. You will have to work a lot with the command line. Moreover, some, if not many, things in Linux are easier and more convenient to do through the terminal, and that is why in the previous paragraph we made a key combination to quickly call the terminal. Bash is a command-line interpreter that executes commands from the keyboard. Bash can highlight files, folders, network folders, files with different access rights in different colors. With highlighting, it becomes somewhat easier and more fun to navigate.

Important note. Lines of commands starting with the $ character will indicate that the command must be entered on behalf of the user - you just need to open the terminal (it is searched in the application menu or just press the combination Super + T) and enter the command. If the line starts with the # character, it means that the input must be done as root (root). To do this, open the user terminal and enter the command:

$ su

Then enter the superuser password that was set when the system was installed.

So how do I “colorize” a terminal? To do this, run the command:

$ nano /home/user/.bashrc

This command will open the bashrc configuration file in the nano text editor. In this file you need to find and uncomment the line "force_color_prompt = yes". Below we look for a line of the following form (below the condition if ["$ color_prompt" = yes]; then):
PS1 = '$ {debian_chroot: + ($ debian_chroot)} \ [\ 033 [01; 32m \] \ u @ \ h \ [\ 033 [00m \]: \ [\ 033 [01; 34m \] \ w \ [\ 033 [00m \] \ $ '

and copy it (Shift + Ctrl + C), after which the editor can be closed (Ctrl + X) with saving the changes made.

Next, run the following command:

# nano /root/.bashrc The

configuration file opens again, but for the superuser. Below the commented out line "# PS1 = ..." you need to paste (Shift + Ctrl + V) the copied line with a slight change (with the replacement of the number 32 by 31):
PS1 = '$ {debian_chroot: + ($ debian_chroot)} \ [\ 033 [01; 31m \] \ u @ \ h \ [\ 033 [00m \]: \ [\ 033 [01; 34m \] \ w \ [\ 033 [00m \] \ $ '

This small change will change the color of the Bash prompt: the user @ debian prompt will be highlighted in green, and the superuser root @ debian will be highlighted in red. This will help from inadvertent confusion when, by mistake, commands are entered from the wrong user.



Repository setup


The repository is the database of packages available for installation. It is important to keep this base up to date. Immediately after installation, we have registered a basic repository and a link to the installation DVD, which contains a number of popular packages. To work with repositories, you can use the synaptic program with a graphical interface. But it’s much easier to edit the list manually through a regular text editor:

# nano /etc/apt/sources.list

Check the list of repositories for compliance with the list below.
Security updates #
the deb security.debian.org jessie / updates main the contrib the non-free
the deb-the src security.debian.org jessie / updates main the contrib the non-free
# jessie-updates
the deb httpredir.debian.org/debian jessie-updates main the contrib free-the non
the deb-the src httpredir.debian.org/debian jessie-updates main the contrib the non-free
# and binary-source-packages
the deb httpredir.debian.org/debian jessie main the contrib the non-free
the deb-the src httpredir.debian.org/debian jessie main contrib non-free
# backports
# deb httpredir.debian.org/debianbackports main-jessie the contrib the non-free
# the deb-the src httpredir.debian.org/debian jessie-backports main the contrib the non-free

The Backports repository is registered but disabled. Strictly speaking, you don’t need to register it, but if you register it immediately, then disconnecting or connecting this repository will be easier - you just need to comment out or uncomment the required lines. Why is he needed at all? The fact is that along with the fact that Debian is one of the most stable distributions, as a result, the software in its repositories is often decently outdated. Connecting Backports is an easy way to get a much newer version of some software (even newer than in the testing Debian branch). But you need to be very careful, because when installing a certain program, depending on the dependencies, other packages may catch up that can break the system due to the incompatibility of the old software with new packages. Backports - this is the case when you know exactly why you are doing this.

After any change to the contents of the sources.list file, be sure to synchronize with the repositories:

# apt-get update

Be sure to look at the log - there should be no errors. Otherwise, you need to check the contents of the sources.list file.



Operating system update


To find out the current version of the system, execute the command:

$ cat / etc / debian_version

If the system is installed from the image using the link above, then its number will be 8.7.

There are two commands for updating the system: apt-get upgrade and apt-get dist-upgrade. The first command will only update the installed packages, but it can cause conflicts and unsatisfied dependencies. This is a kind of safe update, in which old programs do not deteriorate, but new ones may not work. The second command will remove the old packages, resolve conflicts, deliver the necessary dependencies, and deliver new packages if required. If conflicts arise, she will try to update the most important packages at the expense of less important ones. This is a smarter update.

Update the system:

# apt-get dist-upgrade

After updating the system, we check the log for errors, check the new current version of the system and make sure that everything is within the expected limits.



Software installation


Install the following packages:

# apt-get install mc
# apt-get install gksu
# apt-get install numlockx
# apt-get install libcanberra-gtk-module
# apt-get install libqt5webkit5 libqt5svg5 coreutils
# apt-get install doublecmd-gtk
# apt -get install galculator
# apt-get install samba smbclient cifs-utils
# apt-get install jigdo-file
# apt-get install audacious
# apt-get install smplayer
# apt-get install firefox-esr
# apt-get install gufw


mc - this is the good old Notron Commander only on Linux. We forget about the commands ls, cd, mkdir, rm and others.

gksu- it will allow you to run programs with a graphical interface on behalf of the superuser, and also add the superuser terminal to the application menu, which can be launched immediately, and not execute the sequence “terminal → $ su → superuser password entry”.

numlockx - will help to solve the problem with numlock mode after booting the system, since by default it is always turned off.

The packages libcanberra-gtk-module, libqt5webkit5 libqt5svg5 coreutils are needed for the functioning of the double-panel manager Double Commander and the text editor Notepadqq, which we will install a little later.

doublecmd-gtk is an analogue of Total Commander for Linux.

galculator is just a calculator that can switch to engineering view.

samba smbclient cifs-utils - packages necessary for network operation: sharing folders, access to shared folders, mounting network resources.

jigdo-file is a tool for downloading and updating images of CD, DVD, BD. for example, if you ever want to create a fully autonomous and complete official repository from Blu-ray discs of the Debian distribution, then we will need this “torrent”, since Blu-ray discs are distributed primarily through jigdo.

audacious - audio player.

smplayer is a video player.

firefox-esr is a browser that needs no introduction.

gufw is a graphical shell for the firewall configuration utility.

The above programs will slightly supplement the basic software package of the installed system, which is considerable if a standard set of utilities was selected during the installation of the system. The functions of MS Office are performed by the LibreOffice software package, there is a graphical editor GIMP, Transmission for torrents, the Evolution email client, photo viewer, a simple text editor gedit and other software. There are also audio and video players in the standard set, but audacious and smplayer will be more functional and convenient programs.



Software setup


numlockx solves the problem with numlock mode after booting the system. After installing the package, you just need to run the command:
# numlockx on
And now, after loading the operating system, NumLock will always be turned on.

I brought the file manager of Double Commander to a more minimalistic look by

performing the following actions in its menu: - View → Brief (execute on both panels)
- Settings → Options → Tools → Terminal → In the “Terminal launch command” section, write “x-terminal-emulator ", Leave the parameter field blank
- Settings → Settings → Fonts → all fonts = 11, font" Viewer (mode "Book") "= 14
- Settings → Settings → View files → Choose sorting method" Natural sort: alphanumeric "
- Settings → Settings → Browse files → Set the option “Show system and hidden files”
- Settings → Settings → Window view → Install only trace. options:
- Main menu
- Toolbar + Flat
- Disk list button
- Free disk space line + Briefly
- Current path
- Tab headers
- Status bar
- Function key buttons
- Flat interface
- Background operations panel

SMPlayer video player has also been configured a bit through menu item “Settings”:

- Panels → OFF Main panel and Language panel
- Settings → General: OFF “Remember settings of all files”
- Settings → Appearance: Automatically resize - ON “When it is needed”
- Settings → Appearance: OFF “Remember position and size”
- Settings → Updates: OFF “Check for updates” and OFF “Open the page with information after updating”

From the minimum extensions for firefox are worth mentioning Ghostery, with which you can block many tracking bugs and ads, and friGate, which extends the browser’s ability to configure proxies (we don’t need a proxy, of course, but suddenly we need it - it’s always at hand). I note that it is worth installing friGate version 2.2.1.1 (from archives), since the 3.x branch demonstrates the complete victory of "effective" management and marketing over common sense.

What to do if the browser requires Flash Player? On theAdobe Flash Player download page, select .tar.gz for Linux and download the proposed file. From the archive you need to "get" libflashplayer.so and copy it to /home/user/.mozilla/plugins. All actions can be done through Double Commander - it can access archives as folders. Below I gave how to do this through the commands in the terminal:

[ This text was written specifically for the site geektimes.ru by AlexanderS .
Link to the source is optional, but its reference is highly desirable! ]


$ cd / home / user / Downloads
$ mkdir flash
$ tar xzf flash_player_npapi_linux.x86_64.tar.gz -C flash
$ mv flash / libflashplayer.so /home/user/.mozilla/plugins


After restarting firefox and allowing the plugin to work, the flash on the sites should work. But in some cases, this may not be enough or tasks require a flash to run locally from some application. Then you can install Flash Player in the system, although it seems to me this is far from the best idea (in fact, how to enable flash in the browser). To do this, we need to convert the resulting archive into a DEB package, which we then install using the package manager. It is actually simple.

Install the converter and compiler:

# apt-get install alien make gcc

Convert the resulting archive:

# alien --to-deb flash_player_npapi_linux.x86_64.tar.gz

We look at what package we got, let's say flash-player-npapi-linux.x86-64_1 -2_all.deb, and install it:

# dpkg --install flash-player-npapi-linux.x86-64_1-2_all.deb



Gnome setup


It's time to make changes in accordance with their ideas of how the graphic environment should look. After all, one of the most remarkable features in Linux is that there are a lot of things you can configure without even being a programmer in the full sense of this meaning.

With the installation of Double Commander, you can say: “Down with the command line!” But what if you need to wander in folders from the superuser? Each time, go to the superuser terminal and type doublecmd? It can be easier! Create a shortcut in the menu for Double Commander that will launch it in the superuser session:

# doublecmd / usr / share / applications

You need to make a copy of the doublecmd.desktop file and name the new doublecmd-root.desktop file. You can use the usual keyboard shortcut Ctrl + C and Ctrl + V. Next, open the doublecmd-root.desktop file (press the familiar F4 button to launch the text editor built into the file manager) and adjust the corresponding lines to the following form:
Name = Double Commander [root]
Exec = gksu doublecmd

Then we close all open programs and go to the "Applications" menu, in which we remove all the icons from the favorites (left vertical column with program icons). Then from the program menu we add (drag and drop) the icons to the favorites in the following order: Double Commander → Nautilus → Firefox → Terminal → Galculator → Super User Terminal → Double Commander [root].

After these changes, reboot the graphical shell: press Alt + F2 and enter the r command.

Now let's fine-tune the shell. There is special software for this:

$ gnome-tweal-tool

I note that you need to run the command only on behalf of the user, not the superuser. For some time I started it from under the superuser and could not understand why nothing works for me at all. After starting up, a menu appears in which I made the following changes:

- Top panel → ON date display
- Windows → ON maximize and minimize windows
- Desktop → ON display icons on the desktop, OFF system icons (Network, Trash, etc.) e.)
- Extensions → ON extensions of Application Menu, Window List
- Power Options → turn off the computer when you press the power button (select Shutdown)
If at the “Settings in the control panel” step it was not possible to configure the keyboard layout switching by Ctrl + Shift, then make a change from the following item:
- Keyboard → in the “Switch to another layout” item, select the keyboard shortcut Ctrl + Shift

In the “Extensions” item below There is a link to download additional extensions, when you click on it, a website with add-ons for gnome will open in the browser. Through the search, we find the extensions Lock keys and Remove dropdown arrows and install them. Be careful - before searching for extensions, you must enable the temporary execution of the Gnome Shell Integration plugin in the browser. When you open a page with an extension at the top there is a slide button ON / OFF, by clicking on which you will be asked to add an extension. The first extension will add the indicator of the Caps Lock and Num Lock buttons (I have a wireless keyboard on which there are no corresponding indicators). The second - removes the falling arrows from the application menu, windows on the taskbar and language bar.

As a result of such a simple tuning, the graphic environment in us has come closer to a more practical look.

How it was:



How it became (the screen resolution, unfortunately, is already different):



There may be some differences at first glance compared to the number of actions that have been done, but now it’s clear how and what to do and where to climb if necessary. As our lecturer in quantum physics once said: “You are not required to understand quantum physics right now, you are required to understand which section of the textbook to open when necessary.”



Network configuration


For network interaction with our virtual machine, create a folder and give everyone rights to change it:

$ mkdir / home / user / Net
$ chmod 777 / home / user / Net


Now you need to expand this folder. On Linux, this makes it very simple:

# mcedit /etc/samba/smb.conf

At the end of the file that opens, add a new section by writing the following text:
[Net]
path = / home / user / Net /
comment = Net Folder
readonly = no
guest ok = yes

After all these steps, you must restart the service to apply the new config:

# service smbd restart

No reboot of the operating system is required - the Net network folder inside the guest virtual machine will immediately be available from the host operating system.



Firewall setup


Linux has a powerful IPTables tool for configuring the firewall. Unfortunately, you can’t immediately dive right into it, especially to a beginner, and if you do not use it periodically, it’s pretty easy to lose your setup experience. Therefore, we will use a special utility for configuring iptables rules - Uncomplicated Firewall (ufw). Rules can be created via the graphical interface, for which gufw was installed, but, as I said, initially it is easier to do this through the terminal.

We enable logging of the firewall and configure its rules - we prohibit all incoming:

# ufw logging on
# ufw default deny incoming
# ufw default allow outgoing We


allow connections for the network environment and access to files:

# ufw allow 138 / udp
# ufw allow 139 / udp
# ufw allow 139 / tcp
# ufw allow 445 / tcp


Allow connections for the operation of mail clients:

# ufw allow 25
# ufw allow 465
# ufw allow 110
# ufw allow 143
# ufw allow 993


Enable protection:

# ufw enable



Install vmware-tools 10.0.10 in a Debian 8.7.1 environment


In addition to drivers for virtual equipment (for example, a video card or chipset), vmware-tools will enable you to connect any folders from the host system to the virtual machine, as well as enable the functionality of a common clipboard between the host and guest systems.

It just so happened that my story of working with vmware-tools on Linux is the story of periodic rake walking . At one time, I even used open-vm-tools, but there were problems with mounting the hgfs folder (it is in it that the connected folders appear in the Shared Folders section of the virtual machine settings).

At the beginning of 2017, I had VMWare Workstation 12.1.0, which was equipped with a set of ISO images vmware-tools version 10.0.10. Oddly enough, everything went unexpectedly smoothly, quietly and calmly.

To install vmware-tools, we will need to install the compiler and, necessarily, headers, without which normally vmware-tools, at least before, were not built in principle:

# apt-get install linux-headers - $ (uname -r) make gcc

This time I did not put the linux.iso image in a virtual drive, but copied it to a network folder (we already have a network now) and then mounted it on Linux and unpacked the desired archive:

# mkdir / mnt / iso
# chmod 777 / mnt / iso
# mount -o loop -t iso9660 /home/user/Net/linux.iso / mnt / iso
$ tar xvzf /mnt/iso/VMwareTools-10.0.10-4301679.tar.gz -C / home / user / Net


Now you can run a script that compiles and installs vmware-tools:

$ cd / h ome / user / Net / vmware-tools-distrib
# ./vmware-install.pl


The first question of the script must be answered in the affirmative, all subsequent questions must be answered with default values ​​(just press Enter everywhere). During the compilation process, warnings may appear, but there should be no errors.

After installation, delete unnecessary files and reboot:

# umount / mnt / iso
$ rm -rf / home / user / Net / vmware-tools-distrib
$ rm /home/user/Net/linux.iso
# reboot


After the reboot, you should go and check for the presence of the / mnt / ngfs folder - if it exists, the installation was correct. In addition, the resolution scaling inside the virtual system should start working normally according to the size of the VMWare window and the shared clipboard should turn on.



Build, install and configure notepadqq


I’ve gotten used to the Total Commander + Notepad ++ bundle for a long time and, naturally, I was looking for an alternative in Linux. The role of Total Commander is a good substitute for Double Commander, although there is nothing to completely replace Total. There was also an analogue of Notepad ++, called Notepadqq, which also does not completely replace Notepad ++, but it is better than the built-in Double Commander editor or the same nano. At least there is syntax highlighting in Notepadqq and it works fine.

Suddenly there was only one problem - there were no packages in the repositories. I found a compatible deb package for installation, but the version was outdated and the software was openly and shamelessly buggy. There were no options - you had to build the package yourself from the available sources.
After downloading the archive with the source code, the README.md file was found inside, in which instructions for assembling and installing the package using the make utility were found. However, I wanted to have a full package that I could install and painlessly remove, which is impossible in principle by installing it through make install. In general, there is a good article on Habré on this subject. Therefore, I compiled the package through checkinstall.

First, you need to install the packages necessary for work:

# apt-get install git qt5-qmake checkinstall
# apt-get install libqt5webkit5 libqt5svg5 coreutils
# apt-get install libqt5webkit5-dev libqt5svg5-dev qttools5-dev-tools
# apt-get install libcan gtk-module


Download the source code (at the beginning of 2017, the current version was 1.0.1) and start the fakeroot session:

$ git clone github.com/notepadqq/notepadqq.git
$ cd notepadqq
$ fakeroot


Fakeroot runs programs in a special environment that emulates a super-user session . Elevated privileges may be required for the make utility to work.

Now you need to configure the environment for the project depending on the processor architecture (in my case, the first option, x86_64):

$ ./configure --prefix / usr --qmake / usr / lib / x86_64-linux-gnu / qt5 / bin / qmake

or

$ ./configure --prefix / usr --qmake / usr / lib / i386-linux-gnu / qt5 / bin / qmake

or

$ ./configure --prefix / usr --qmake / usr / lib / arm-linux -gnueabihf / qt5 / bin / qmake

And we compile the program, observing the magic in the terminal:

$ make

After successful compilation, you can compile a package with information about it:

$ checkinstall -D --install = no

If you run checkinstall without the “--install = no” directive, then the assembled package will be automatically installed on the system, and the package file will be immediately deleted. This categorically did not suit me, since I use a separate virtual machine for assembly (do not litter the target machine with various compilers, IDEs and other software that will never be used there) and as a result I needed to get a normal DEB package, which I can transfer to the desired virtual machine and install there. The “--install = no” directive is needed only to create a package and not install it.

During the assembly process, we will be asked a question about the description of the package. I wrote the following: "Notepadqq 1.0.1 amd64 build 20170326." After entering the description, I would recommend filling in the Maintainer field (package collector, its maintainer) - press the 0 (zero) button and enter your nickname or at least something, but do not leave it empty.

After assembling the package, we exit the fakeroot session:

$ exit

If everything went well and without errors, then a file of the form notepadqq_20170326-1_amd64.deb appeared in the working folder. Now it can be installed using the normal package manager:

# dpkg –i notepadqq_20170326-1_amd64.deb

Run Double Commander and connect notepadqq as the default editor:
Settings → Editor → Turn on the option “Use an external program”, as a way to register: notepadqq The

version 1.0.1 that I collected has proved to be very good and I worked with it for a whole year. Now we know how to properly collect packages from source - this is not difficult at all!



Assembly and installation of Double Commander


There were a few troubles with Double Commander. It was buggy when working with network folders and editing long file names. In addition, sometimes it was crookedly closed from under the superuser. Version 0.5.x was originally installed from the repository, while 0.7.8 was available on the project’s website, which no longer hurt these problems. An attempt to get a DEB package was launched on the launchpad.net/ubuntu resource, where it was proposed to download several assembled packages of version 0.6.x and install them in some combination. Why several packages? And the version is not new at all. An attempt to rashly install a new version from Backports led to a system crash, I couldn’t fix it and I just deleted the virtual machine, pulling up a carefully saved backup image file of the hard disk.

However, what problems can there be if there is source code? I can now compile and compile the package myself! At first everything went as usual. Getting the source, the investigation of what and where and attempts to somehow compile them, not understanding the logic of their actions. Then I nevertheless managed to read the documentation from which it followed that no make would help to compile - you need a full-fledged IDE , in which the project is developed. Well ... why not put an IDE? And I briskly went on a rake, not assuming that this would take a week.

To work, we need to install already familiar packages:

# apt-get install make gcc checkinstall subversion

For the normal installation of the IDE (Lazarus), the following packages must be delivered:

# apt-get install libdbus-1-dev libglib2.0-dev libncurses5-dev libx11-dev libgtk2.0-dev libcanberra-gtk-module

Very important note: the project wiki development page contains a list of required packages that contains the libgtk package -2.0-dev, which actually does not exist - you need to install libgtk2.0-dev (without a hyphen!) Instead.

Now we need to install the IDE itself. Lazarus is an open source Pascal software development environment for the Free Pascal compiler. That is, in addition to the IDE, you must also install the compiler. At first I cheerfully found and downloaded the necessary files, of course the latest version, installed them and for a long time I could not understand the reason why the project stubbornly does not compile. Of course, given that I did everything for the first time on software that I had never seen before, I made enchanting mistakes and illogical actions. But the truth turned out to be bitter - in conjunction with the problem of an extra hyphen in libgtk-2.0-dev, it turned out that for Double Commander 0.7.8 it was recommended to use lazarus 1.6.2, and not 1.6.4, which I installed.

To install the development environment, you need to open the Lazarus project siteand choose Lazarus Linux amd64 DEB or Lazarus Linux i386 DEB depending on the processor architecture. After that, select the IDE version (for Double Commander 0.7.8 - 1.6.2) and download the packages lazarus-project, fpc, fpc-src.

Install packages

# dpkg -i fpc_3.0.0-151205_amd64.deb
# dpkg -i fpc-src_3.0.0-151205_amd64.deb
# dpkg -i lazarus-project_1.6.2-1_amd64.deb


After installation, run the development environment, ignoring the warning about unavailability from the debugger :

$ startlazarus

In the "Service" settings, we select the rebuilding (recompilation) of lazarus (according to the Normal IDE profile). The IDE should normally relocate - otherwise you cannot continue working with it and you need to understand why it never happened, but now, it happened again. There were times that it was easier to take a new virtual machine and do it all over again, because during the installation / uninstallation of lazarus, somewhere, something was not installed or was not removed and the system was irreversibly cluttered.

After all the resolved issues with the IDE, we get the source code. You can get the source code from svn (release 0.7):

$ svn co svn.code.sf.net/p/doublecmd/code/branches/0.7 doublecmd

You can get the source code from the current project with svn:

$ svn co svn.code.sf. net / p / doublecmd / code / trunk doublecmd

You can simply download the source code from the project website and unzip the file:

$ tar xzf doublecmd-0.7.8-src.tar.gz

Suppose we get a source folder and it is located on the path / home / user / work / doublecmd.

Next, you need to compile the project. Run the IDE in the fakeroot session:

$ fakeroot
$ startlazarus


In accordance with the file doublecmd \ doc \ INSTALL.txt (for the current version, specify the packages on the project development pagein the “Building from source” section) you need to connect or compile packages to lazarus, and after connecting the last package, rebuild lazarus. This is done as follows: go to the menu Package → Open package file (.lpk) → Select the required file and open it → In the new window that opens, click the “Use” button and then select “Install”, if the “Install” item is not available, then simply click on the “Compile” button. All components are located in the components folder of the source code. We need to connect the following components:
- chsdet / chsdet.lpk
- CmdLine / cmdbox.lpk
- multithreadprocs / multithreadprocslaz.lpk
- dcpcrypt / dcpcrypt.lpk
- doublecmd / doublecmd_common.lpk
- KASToolBar / kascomp.lpk
- gifanim / pkg_giferim.ler
view

After connecting the last component, you need to affirmatively answer the question about rebuilding the IDE or start rebuilding yourself through the Tools menu.

If the rebuild has completed successfully, then you can try to compile the project by opening the doublecmd / src / doublecmd.lpi file through Lazarus and starting compilation (F9 button). After successful compilation (warnings may appear in the process, but it's okay - the main thing is that there are no fatal errors) Double Commander should come off. If this did not happen, then, with a high degree of probability, an error occurred during the compilation process and you need to figure out what to do with it and how to live on. You can try to solve the problem logically, but in the absence of experience there are, of course, very few chances. Therefore, gently take the error text to the clipboard and go with it directly to the unknown distance of the Internet.
After successfully compiling the project, close the IDE.

So, we got in the folder with the source code the binary doublecmd file, which is launched. Everything is fine, but ... how to make a normal package? This is where the install dad helps us. If you carefully observe the code of the create_packages.sh file, the name of which is very encouraging, you can draw far-reaching conclusions about what we need regarding the parameters that need to be set when the script is run. There may even be some kind of documentation on the application of this script, but I had enough logical understanding of the code. Just starting to execute this file didn’t give me anything since the process constantly crashed and stopped on errors, as a rule, the lack of the necessary paths. To build the package successfully, you need to tweak the create_packages.sh script a little.

We look for a line in the code and comment or delete it:
svn export ../ $ BUILD_DC_TMP_DIR

Below we prescribe:
cp -vR / home / user / work / doublecmd / $ BUILD_DC_TMP_DIR

We look for a line in the code and comment or delete it:
linux / update-revision.sh ../ $ BUILD_DC_TMP_DIR

If the code was received from svn, then these two changes can be omitted, but when downloading the code in a separate archive without these changes, it was impossible to make the package.
Next, look for the line and again comment / delete:
export MAINTAINER = "Alexander Koblov "

Instead, we prescribe ourselves:
export MAINTAINER = "Vlastelin Mira"

Next, look for the line and comment / delete again:
checkinstall -D --default --pkgname = doublecmd --pkgversion = $ DC_VER --pkgarch = $ DEB_ARCH --pkgrelease = 1. $ lcl --pkglicense = GPL --pkggroup = contrib / misc --requires = libx11-6 --nodoc --pakdir = $ PACK_DIR $ BUILD_DC_TMP_DIR / install / linux / install.sh

Below we prescribe the same thing, but with a slight change, which will allow us not to install it automatically in the system after the package is built and will save the assembled package:
checkinstall -D --install = no --default --pkgname = doublecmd --pkgversion = $ DC_VER --pkgarch = $ DEB_ARCH --pkgrelease = 1. $ lcl --pkglicense = GPL --pkggroup = contrib / misc - requires = libx11-6 --nodoc --pakdir = $ PACK_DIR $ BUILD_DC_TMP_DIR / install / linux / install.sh

We start generating the package for Debian in the fakeroot session from which we did not exit:

$ ./create_packages.sh -D --ws = gtk2 --cpu = x86_64 We observe

the magic in the console - there are so many things! After successfully assembling the package, we exit the fakeroot session:

$ exit

The resulting package, for example, doublecmd_0.7.8-1.gtk2_amd64.deb, will be located in / doublecmd / install / linux / release / from where it can be installed with the usual command:

# dpkg -i doublecmd_0 .7.8-1.gtk2_amd64.deb



Return to the beginning, to the table of contents .



The history of creating a home cloud. Part 1. Setting up the Debian environment for everyday use
Text version: 1.1.0.
Date of first publication: 01/10/2018.
Last edit date: 01/10/2018.

Update log
1.1.0 [10-01-2018]
The title of the article is supplemented.

1.0.0 [10-01-2018]
The first version.
Describes how to configure the Debian 8.7.x environment and build Notepadqq 1.0.1 and Double Commander 0.7.8 packages from the source.

Also popular now: