# HyDEV Server Setup Notes about how to setup a Fedora 32 server for HyDEV ## 1. Wifi Connection for Potato Laptop Servers Connect to ethernet first, and then: ```bash nmcli nmcli d connect ``` Setting up wifi: (If `wpa_supplicant` isn't installed, it would say "unavailable") ```bash dnf install NetworkManager-tui wpa_supplicant systemctl enable wpa_supplicant reboot ``` And then select the wifi and connect: ```bash nmtui ``` If you are using 811AC usb wifi adapter too, install the driver: ```bash dnf install make automake gcc gcc-c++ kernel-devel dkms mkdir drivers cd drivers git clone https://github.com/brektrou/rtl8821CU cd rt18821CU ./dkms-install.sh ``` Toggle USB wifi adapter mode: (Find the coresponding device ID eg. `0bda:c811`) ```bash lsusb sudo usb_modeswitch -KW -v 0bda -p c811 reboot nmtui ``` ### Laptop Close Lid ```bash nano /etc/systemd/logind.conf # Add HandleLidSwitch=ignore systemctl restart systemd-logind ``` ## 2. Mariadb Files: None Steps: ```bash dnf install mariadb mariadb-server sctl enable mariadb sctl start mariadb mysql_secure_installation mysql -p GRANT ALL PRIVILEGES ON *.* TO 'root'@'...ip...' IDENTIFIED BY '...password...' WITH GRANT OPTION; ``` ## 3. Nginx Files: * /etc/nginx/nginx.conf * /etc/nginx/html/* * /etc/letsencrypt/* * /app/hres/* Steps: ```bash dnf install nginx certbot certbot-nginx # And then you copy the config files chron -Rt httpd_sys_content_t /app/ ``` ## 4. Shadowsocks Files: `/etc/shadowsocks-libev/hydev.json`: ```json { "server": "0.0.0.0", "server_port": , "password": "", "method": "aes-256-cfb", "mode": "tcp_and_udp" } ``` Steps: ```bash dnf copr enable librehat/shadowsocks dnf update dnf install shadowsocks-libev # And then you copy the config files sctl enable shadowsocks-libev-server@hydev sctl start shadowsocks-libev-server@hydev ``` ## 5. Java Application Servers Files: * /app/depl/\ * /etc/systemd/system/\.service ```ini [Unit] Description= [Service] WorkingDirectory=/app/depl// ExecStart=/bin/bash launch.sh User=jvmapps Type=simple Restart=on-failure RestartSec=5 [Install] WantedBy=multi-user.target ``` * /app/depl/\/launch.sh ```sh /usr/bin/java -cp .jar:./lib/* -Xms1024M -Xmx2048M org.hydev.Main ``` Steps: ```bash groupadd -r appmgr useradd -r -s /bin/false -g appmgr jvmapps chown -R jvmapps:appmgr /app/depl// sctl start sctl enable ``` ## 6. LAN File Servers (SMB) https://www.jianshu.com/p/cc9da3a154a0 Files: * /etc/samba/smb.conf ```ini [global] workgroup = HYDEV security = user passdb backend = tdbsam [data] comment = Shared data path = /mnt/data public = no admin users = admin valid users = @admin smb-user browseable = yes writable = yes create mask = 0777 directory mask = 0777 force directory mode = 0777 force create mode = 0777 ``` Steps: ```bash dnf install samba nano /etc/samba/smb.conf groupadd -r samba useradd -r -s /bin/false -g samba smb-user smbpasswd -a smb-user sctl enable smb nmb sctl start smb nmb ``` Allow smb access with SELinux enabled https://www.lisenet.com/2016/samba-server-on-rhel-7/ ```bash setsebool -P samba_export_all_ro=1 samba_export_all_rw=1 semanage fcontext –at samba_share_t "/mnt/data(/.*)?" restorecon -Rv /mnt/data ``` If you are still using an NTFS drive: ```bash dnf install ntfs-3g fuse modprobe fuse mount -t ntfs-3g /dev/sdb1 /mnt/data nano /etc/fstab # Add line: /dev/sdb1 /mnt/data ntfs-3g defaults 0 0 ``` ## 7. Firewall (UFW) ```bash sctl disable firewalld sctl stop firewalld dnf install ufw sctl enable ufw sctl start ufw ufw status ``` Allow all traffic from LAN: ```bash ufw allow from 192.168.0.0/16 ```