Meh Belly Lint Collection

That awful moment when you realize,
THIS is YOUR circus and THOSE are YOUR monkeys.

User Tools

Site Tools

You are here: start » ubuntu_steps
ubuntu_steps

Start with “bare” ubuntu, I'm still on 22.04 LTS

Notes: 

vi ~/.inputrc
set enable-bracketed-paste off

Update system and install prereq 

apt update && sudo apt upgrade -y
apt -y install build-essential dkms linux-headers-$(uname -r) software-properties-common curl wget git 
apt -y install iputils-ping traceroute 
apt -y install vim 
apt -y install build-essential
apt -y install net-tools
apt -y install less
apt -y install libssl-dev
apt -y install libz-dev
apt -y install python3-pip
apt -y install python3-venv
apt -y install cron
apt -y install ipmitool
apt install -y openvswitch-switch

Temporarily allow SSH root access for setup 

sed -i -E '/^\s*#?\s*PermitRootLogin\s+.*/d' /etc/ssh/sshd_config && echo 'PermitRootLogin yes' | sudo tee -a /etc/ssh/sshd_config
systemctl restart sshd

Add authorized_keys 

grep -qxF 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiKJ/84kE14mqkZllnBFHfsXD10UmEuE6phOvdBC8k/CbybfPEEYUbPW87hykxK8iE0vx8abD58DEOHh0KHpVK3uFB+NqufA5BXixUChZfBoNtK7kJIaJvo4OWOrU09uQ4KYTDXDX61H76MnDSGwPluRw2qSSRPyDS3jMpPpg0iwS1VWmkdvCqn+cqCkZrMGLvK+AKrB8QsaDT33qpmSteaWUM7ZbScVhpWv7o7Zmek0j1jJ8wpSULZpAUW+er0CVS2reaCSTpbX6wYfXs0Vkknt' /root/.ssh/authorized_keys || echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiKJ/84kE14mqkZllnBFHfsXD10UmEuE6phOvdBC8k/CbybfPEEYUbPW87hykxK8iE0vx8abD58DEOHh0KHpVK3uFB+NqufA5BXixUChZfBoNtK7kJIaJvo4OWOrU09uQ4KYTDXDX61H76MnDSGwPluRw2qSSRPyDS3jMpPpg0iwS1VWmkdvCqn+cqCkZrMGLvK+AKrB8QsaDT33qpmSteaWUM7ZbScVhpWv7o7Zmek0j1jJ8wpSULZpAUW+er0CVS2reaCSTpbX6wYfXs0Vkknt' | tee -a /root/.ssh/authorized_keys

Set explicit root password 

passwd root

Infinite bash history in .bashrc 

cd /root
sed -i -E '/^\s*HISTSIZE=.*$/c\HISTSIZE=-1' .bashrc && sed -i -E '/^\s*HISTFILESIZE=.*$/c\HISTFILESIZE=-1\nPROMPT_COMMAND="history -a; history -n; $PROMPT_COMMAND"' .bashrc
source .bashrc

If you didn't config the machine as static but you want to 

# detect current interface, IP/CIDR and gateway
iface=$(ip route show default | awk '/default/ {for(i=1;i<=NF;i++) if($i=="dev"){print $(i+1); exit}}')
cidr=$(ip -o -4 addr show dev "$iface" | awk '{print $4}')
gw=$(ip route show default | awk '/default/ {print $3}')

# disable cloud-init network config
sudo mkdir -p /etc/cloud/cloud.cfg.d \
  && echo 'network: {config: disabled}' \
      | sudo tee /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg >/dev/null

# write your custom netplan
sudo tee /etc/netplan/01-netcfg.yaml >/dev/null <<EOF
network:
  version: 2
  renderer: networkd
  ethernets:
    $iface:
      dhcp4: false
      addresses:
        - $cidr
      routes:
        - to: 0.0.0.0/0
          via: $gw
      nameservers:
        addresses:
          - 8.8.8.8
          - 8.8.4.4
EOF

# disable the auto-generated cloud-init netplan
sudo tee /etc/netplan/50-cloud-init.yaml >/dev/null <<EOF
# disabled by custom config (/etc/netplan/01-netcfg.yaml)
EOF

echo "✔️  Netplan written for $iface ($cidr) via $gw"

Fix DNS, e.g. 86 systemd-resolvd 

sudo systemctl disable --now systemd-resolved
sudo rm /etc/resolv.conf
echo -e "nameserver 8.8.8.8\nnameserver 8.8.4.4" | sudo tee /etc/resolv.conf >/dev/null

If by chance auditd is running, disable it (auditd is off on a bare installation) 

vi  /etc/audit/auditd.conf
vi /etc/audit/audit.rules
systemctl stop systemd-journald-audit.socket
systemctl disable systemd-journald-audit.socket

Verify UFW is inactive if installed, should return “Status: inactive” 

ufw status

Fix nvme bug and turn off audit and app armor 

sudo sed -i '/^\s*GRUB_CMDLINE_LINUX_DEFAULT=/d' /etc/default/grub && echo 'GRUB_CMDLINE_LINUX_DEFAULT="audit=0 pcie_aspm=off pcie_port_pm=off nvme_core.default_ps_max_latency_us=0 apparmor=0 security=apparmor"' | sudo tee -a /etc/default/grub && sudo update-grub
update-grub


Install ipmitool
@reboot /usr/bin/python3 /root/hostinfoLCDbyid.py




AI





Cuda 12.x uses ≥525



add-apt-repository ppa:graphics-drivers/ppa -y
apt update




Check for latest recommended NVIDIA driver



ubuntu-drivers devices




Replace 575-open with the recommended, for certain 40 series and all 50 series use the open



apt install nvidia-driver-575-open -y


reboot




Verify Installation



nvidia-smi




Add CUDA repo



# Ensure NVIDIA CUDA repo is added:
sudo apt install software-properties-common
distribution="ubuntu2204"
wget https://developer.download.nvidia.com/compute/cuda/repos/$distribution/x86_64/cuda-keyring_1.1-1_all.deb
sudo dpkg -i cuda-keyring_1.1-1_all.deb
sudo apt update

# List the latest CUDA toolkit packages available:
apt-cache madison cuda-toolkit




Returns



cuda-toolkit |   12.9.0-1 | https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2204/x86_64  Packages
cuda-toolkit |   12.8.1-1 | https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2204/x86_64  Packages
cuda-toolkit |   12.8.0-1 | https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2204/x86_64  Packages
cuda-toolkit |   12.6.3-1 | https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2204/x86_64  Packages
cuda-toolkit |   12.6.2-1 | https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2204/x86_64  Packages
cuda-toolkit |   12.6.1-1 | https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2204/x86_64  Packages




Install the latest toolkit



sudo apt install cuda-toolkit-12-9 -y




Set CUDA environment variables



echo 'export PATH=/usr/local/cuda/bin${PATH:+:${PATH}}' >> ~/.bashrc
echo 'export LD_LIBRARY_PATH=/usr/local/cuda/lib64${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}' >> ~/.bashrc
source ~/.bashrc




Verify CUDA



nvcc --version


apt install nfs-common

apt install nfs-kernel-server


apt install apache2
systemctl start apache2

apt install mariadb-server
systemctl start mariadb.service
mysql_secure_installation
mysql -uroot -p

apt install libapache2-mod-php php-mysql
cd /etc/apache2/mods-enabled/
vi dir.conf
systemctl restart apache2
systemctl status apache2
openssl genrsa -aes128 -out private.key 2048
openssl req  -nodes -new -x509  -keyout server.key -out server.cert
openssl req -new -days 999 -key private.key -out request.csr
openssl req -new -days 999 -key server.key -out server.csr
openssl x509 -in server.csr -out certificate.crt -req -signkey server.key -days 999
cd /etc/apache2/conf-available/
vi ssl-params.conf
cd ../sites-available/
openssl x509 -inform DER -outform PEM -in server.crt -out server.crt.pem
openssl rsa -in server.key -text > private.pem
openssl x509 -inform PEM -in server.crt > public.pem
vi default-ssl.conf
a2enmod ssl
a2enconf ssl-params
a2ensite default-ssl
vi /etc/apache2/conf-enabled/ssl-params.conf
apache2ctl configtest
systemctl restart apache2
vi /etc/php/7.4/apache2/php.ini
apt install nmap



WiFi + “jerky typing” fix for low power wifi cards!!!!






Run 



ip addr




 to find the wlan card, mine is wlp2s0.





Test if this is the problem first.



iw dev wlan0 get power_save




if its on, it will report:



Power save: on




Turn off power save via:



sudo iw dev wlan0 set power_save off




If that works, make it permanent via (also note this isn't the “right” way, just the fastest way)



vi /etc/systemd/system/wifi-powersave-off.service




Add the following snippet



[Unit]
Description=Disable WiFi Power Save
After=network.target

[Service]
Type=oneshot
ExecStart=/usr/sbin/iw dev wlp2s0 set power_save off

[Install]
WantedBy=multi-user.target




Make it permanent



sudo systemctl daemon-reexec
sudo systemctl enable wifi-powersave-off
sudo systemctl start wifi-powersave-off




                    
                                    


                
ubuntu_steps.txt · Last modified: 2026/04/23 07:14 by kenson


                
                

            


            
            
        


        



    
    

                Donate
        Powered by PHP
        Valid HTML5
        Valid CSS
        Driven by DokuWiki