These instructions document the installation and configuration of Debian 3.1 on our new servers.

We downloaded and burned the Debian 3.1r0a netinst CD image. We then booted each system with the CD-ROM in the drive. We hit Enter at the boot prompt to accept the default installation mode. We then proceeded with the installation as follows:

1. Accepted defaults during the base install process.
   • Ignored errors regarding the "sym" SCSI controllers (because we nothing is attached to them, and we disabled them in the BIOS).
2. For primary interface, chose eth0.
3. Entered the hostname (bud/budlight) and domain name (sluug.info).
4. Manually edited the partition table. (See below for details.)
5. Said yes when asked to install GRUB to the MBR.
   • The system rebooted at this point.
6. Decided to set the system clock to GMT.
7. Selected the Central timezone (America/Chicago in the extended list).
8. Set the root password.
9. Set up a user account for the installer to use.
10. Chose several nearby HTTP mirrors for APT packages.
11. Skipped the package installation and MTA configuration choices.
12. Chose the finish configuration option.
    • System rebooted again to complete the installation process.

We had 36 GB to work with on each system. The systems came with 4 x 18 GB drives. With 3 of the drives in a RAID 5 array, and 1 hot spare drive, this gave us 36 GB of usable storage.

After some debate, we decided upon the following partition setup. The table lists the partitions in the order they were created.

All file systems were formatted as ext3, except for /var. We formatted /var with reiserfs, because we expected to use Maildir format. Maildir format uses a separate file for each email message, which ends up creating lots of small files within a single directory. Reiserfs is much more efficient at storing small files and having a large number of files within a directory.

Here's the result of running df:

Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/ida/c0d0p2         914108     77048    788318   9% /
tmpfs                  1989212         0   1989212   0% /dev/shm
/dev/ida/c0d0p1          91763     15029     71838  18% /boot
/dev/ida/c0d0p6        4807072     32960   4529928   1% /home
/dev/ida/c0d0p11       9879016     32860   9344320   1% /spare
/dev/ida/c0d0p10        914108      8239    857127   1% /tmp
/dev/ida/c0d0p8        3843160    211724   3436212   6% /usr
/dev/ida/c0d0p9        2883376     32896   2704012   2% /usr/local
/dev/ida/c0d0p7        9767184    178060   9589124   2% /var

We chose a minimal installation, so we could add our selected packages later.

We did not install any X server or X client programs. This system is intended to be a server, and should never run any X programs. Any GUI-type administration should be done over HTTPS.

There are several packages installed by the default minimal install that we do not want or need. We removed them:

apt-get remove exim4
apt-get remove ppp pppoe pppconfig pppoeconf
apt-get remove nfs-common portmap libnfsidmap1
apt-get remove lpr
apt-get remove fdutils
apt-get remove ibritish

TODO: Remove some more stuff. Add some recommended stuff.

Ensure the following is in /etc/apt/sources.list:

deb http://security.debian.org/ stable/updates main

Update the package list:

sudo apt-get update

Upgrade any new packages:

sudo apt-get upgrade

It would be nice to have the updates install automatically, but in order to prevent problems, it's best to have a system administrator apply the updates manually, so they can fix any problems that crop up. So instead, we'll alert the system administrators when there are updates available.

We've adapted code from here to check for new Debian updates. Save the following code to /etc/cron.daily/check-debian-updates:

#!/bin/sh
 
HOSTNAME=`hostname`
MAILTO="sysadmin@sluug.org"
MAILFROM="Debian update checker <sysadmin@sluug.org>"
 
apt-get update >/dev/null 2>&1
 
NEWPACKAGES=`apt-get --print-uris -qq -y upgrade 2>/dev/null |awk '{print $2}'`
 
if [ ! -z "$NEWPACKAGES" ]
then
 mail -a "From: $MAILFROM" -s "New Packages for $HOSTNAME" $MAILTO <<EOF
There are new Packages available for $HOSTNAME:
 
$NEWPACKAGES
 
please run:
 sudo apt-get upgrade
on $HOSTNAME.

EOF
fi
 
exit 0;

Change the permissions on the script to make it executable:

sudo chmod 755 /etc/cron.daily/check-debian-updates

Adding this script to the /etc/cron.daily directory will cause it to be run every day. By default, the daily cron scripts run at 6:25 AM. One nice thing about running them daily and sending them to a mailing list is that it's easy to see if the updates have or have not been applied by the next day. The more times the message is sent, the more likely someone will be to log in and run the updates.

The email isn't getting sent. May be outbound email not working, or the list not accepting emails from the source address.

We created a few users. (Some of them temporary.) These will be used for building the system.

TODO: Determine how to maintain user database, to keep it in sync with existing AIX systems.

TODO: Run periodic reports to ensure that users on systems do not get out of sync.

Once we've installed some things, we can change the DHCP address to a static IP address. Note that you'll need to be directly connected to the system, because any network connections may be dropped. (It might be able to make the change and re-connect after getting dropped, if you don't take the interface down before making the changes, but it's not as clean.)

Edit /etc/network/interfaces. Comment out the existing iface eth0 inet dhcp line, and add something like this (change the IP addresses and default gateway per location):

iface eth0 inet static
        address 206.196.99.162
        netmask 255.255.255.240
        gateway 206.196.99.161

Restart the network:

/etc/init.d/networking restart

Ensure that you can connect to some Internet hosts to make sure that your configuration is correct.

Ensure that the hostname is correct:

hostname

If it is not, change it:

hostname bud

Edit /etc/hosts to add the IP address of the system. We also put the other system in there. Note that the fully-qualified name must come before the short name, so that the system can determine the domain name properly. Also, do not put the hostname on the localhost line. The file should look something like this:

127.0.0.1       localhost.localdomain   localhost
206.196.99.162  bud.sluug.org           bud
206.196.99.163  budlight.sluug.org      budlight

Verify that the system can get the domain name and fully qualified hostname:

hostname -d
hostname -f

See the general TODO page for more work to be done.

James Pattie led the installation effort, 2005-02-19.

Lots of other folks helped in the decision-making and installation process.

John House and Craig Buchek were the primary documentors.

Craig Buchek and Jeff Muse led the installation effort on the production servers, 2005-07-30.

Lee Lammert led the effort to move the systems to Primary Networks, 2006-01-16.