Station is a Chef configuration management cookbook to provision my personal Linux workstation running Fedora Linux.
Fedora releases every six months, and being able to configure 90% or more of my personal workstation via a script is incredibly useful and productive.
In the near future this Chef based system will be replaced by an Ansible solution since that seems to be where the world is headed.
Station performs the following major actions in addition to a variety of smaller items:
- Installs the rpmfusion (free and non-free) Linux package repositories that provide Linux packages not included in the base Fedora Linux distribution.
- Installs a select set of Linux packages from the base Fedora and rpmfusion repos in order to meet my personal requirements. See the Chef code for node.default['station']['install_packages'] within the file cookbooks/station/attributes/defaults.rb for details.
- Remove any packages installed by default that are unwanted (These are usually foreign typeface packages that I don't need.)
- Add additional Linux system groups to facilitate consistency in my home lab environment's NFS servers.
- Installs Google Chrome
- Installs Atom text editor for Linux ** This will be removed soon due to Atom being deprecated **
- Installs Microsoft VS Code Editor
- Installs VirtualBox hypervisor for Linux
- Installs Zoom
- Installs Skype.
- Installs WebEx.
- Enable sshd for inbound network access
- Configure firewalld for limited inbound services
- Enable service to apply TRIM feature periodically for SSD discarded blocks maintenance
- Deploy optional typefaces from personal repositories
- Configure expected mount points for local NFS servers
- Install a variety of Bash scripts that I've written for personal use
In addition to these, this page documents manual steps that are required to customize a new Linux installation to my personal needs. These steps are easier to perform by hand than to invest significant time automating.
Station performs the following changes specific to my personal user, 'maxwell':
- Configures my standard Linux dot files in
  - /usr/local/etc
  - /etc/bashrc
  - /etc/profile
  - $HOME/.bashrc
- Installs & Configures powerline prompt
- Configures a small number of changes for root user, too.
Note: Many GNOME GUI configuration changes will take place simply by restoring my personal home directory from one Linux installation to another. Therefore, these configuration settings are not automated via this cookbook.
This is a high level summary of my process for moving to a new install of Fedora Linux:
- First, perform multiple backups of the old system to multiple forms of encrypted storage both on-line (NAS) and off-line (USB hard drives).
- Install Fedora Linux from USB Installer image.
- Boot the newly installed Linux system and complete the initial steps of making a new user manually.
- Download Station by cloning this github repo:
  ```bash
  git clone https://github.com/maxwax/station
  ```
- Execute the bootstrap.sh script as root/sudo in order to download, install, configure and run Chef to configure this workstation.
  ```bash
  cd station
  sudo ./bootstrap.sh
  ```
- Manually restore files from backups to the new system. First, put them in a temporary place, then swap out /home/maxwell with the restored /home/home.old/maxwell.
- Go through the detailed checklist below to perform fine-tuning of a new Fedora install.
- If moving to a new release of Fedora Linux, install the release in a virtual machine and attempt to run this cookbook. Adjust to accommodate things like base packages that have been removed or renamed and push changes to github.
- Make multiple backups of the existing Fedora installation including all major directories not just /home
- Install Fedora from USB installer
- Run dnf to update all system packages
- Reboot into the updated system
- Execute this cookbook to deploy and configure the environment
- Restore the old home directory
- Reboot one final time to test a clean boot and clean login
- Debug the surprise problems that may present themselves.
- Manual Application Installs
- Manual Configuration Tasks
- Work-Arounds Accommodations
- QA Checklist
Complete the following actions to enable cookbook support for a new version of Fedora:
- Update cookbooks/station/attributes/default.rb case statement to replace the currently supported Fedora version identifier with a new version identifier. (ex: 'fedora_32' -> 'fedora_33')
- Remove any previously defined packages that are not available for the new version of Fedora
- Add any packages manually installed to the current Fedora installation that were not included in the cookbook yet.
- Update the README.md docs with any new accommodations for the new version of Fedora
- Adjust any unexpected issues with the script caused by changes in behavior of the new Fedora release. Do this on the first attempt to use this script.
- Push updates to github

- Perform multiple backups to multiple, encrypted on-line and off-line storage media.
  ```bash
  cp -prv /boot /etc /home /opt /root /usr /var /net/filerdata/backups/$(hostname)/$(date +%Y.%m%d)
  ```
- Use a Fedora Workstation Live USB Installer to boot the computer and perform a base install of Fedora Linux.
- If you are re-using existing filesystem partitions, make sure to check each one other than /boot/efi as 'Reformat' to clear them out instead of re-using them.
- Reboot into the new Fedora Linux installation
- Connect to the WIFI network (optional)
- Create a primary user (this will be system admin / sudo user)
- Login, start a shell
- Update all packages - There are always updates.
  ```bash
  sudo dnf -y update
  ```
- Clone the station github repo to $HOME/Download.
  ```bash
  git clone https://github.com/maxwax/station
  ```
- Bootstrap the node with the bootstrap.sh script
  ```bash
  cd station
  sudo ./bootstrap.sh
  ```

bootstrap.sh performs the following automated tasks:
- Download a staged Chef workstation binary from maxwellspangler.com to /tmp.
- Install the chef-workstation rpm file.
- Perform a first run of chef-client -z to create a Chef node object for this workstation.
- Modify the new Chef node to be owned by 'maxwell'
- Modify the new Chef node environment to 'maxlab'
- Append 'recipe[station]' to the new Chef node
- Now perform a chef-client run that will execute the recipes configured in the 'station' cookbook to provision the workstation.
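
An added example, not taken from the project's bootstrap.sh: because the script installs an rpm fetched over the network into /tmp, one way to gate the install step is to compare the file against a pinned SHA-256 digest first. The function names, the rpm file name and the digest placeholder are assumptions.

```shell
#!/bin/sh
# Added example; not the project's bootstrap.sh. Function names are hypothetical.

# verify_pinned FILE EXPECTED_SHA256
# Returns 0 only when FILE exists and its SHA-256 equals the pinned digest.
# Exit codes: 1 = mismatch, 2 = malformed pin, 3 = file missing.
verify_pinned() {
    vp_file=$1
    vp_want=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    # Accept exactly 64 hex characters, so an empty or truncated pin
    # can never be treated as a match.
    case $vp_want in
        ''|*[!0-9a-f]*) echo "malformed pinned digest" >&2; return 2 ;;
    esac
    [ "${#vp_want}" -eq 64 ] || { echo "malformed pinned digest" >&2; return 2; }

    [ -f "$vp_file" ] || { echo "missing file: $vp_file" >&2; return 3; }

    vp_got=$(sha256sum "$vp_file" | cut -d' ' -f1)
    if [ "$vp_got" != "$vp_want" ]; then
        echo "digest mismatch for $vp_file" >&2
        echo "  expected: $vp_want" >&2
        echo "  actual:   $vp_got" >&2
        return 1
    fi
}

# install_staged_rpm FILE EXPECTED_SHA256
# Runs the package install only after the digest check has passed.
install_staged_rpm() {
    verify_pinned "$1" "$2" || return $?
    sudo dnf -y install "$1"
}

# Usage sketch; the URL and digest are placeholders, not real values:
#   workdir=$(mktemp -d)   # private directory rather than a fixed name in /tmp
#   curl -fsSL -o "$workdir/chef-workstation.rpm" "https://<staging-host>/<path>"
#   install_staged_rpm "$workdir/chef-workstation.rpm" "<PINNED_SHA256>"
```

The pinned digest belongs in the git repository next to the script, so that changing the staged binary requires a reviewed commit.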
All packages should now be up to date and most packages that can be automatically installed by Chef are installed. Reboot into an updated kernel and package environment.
- Reboot into new kernel, library, packages, etc
- Skip this step if you're running this on a spare computer or testing VM.
- From backups made prior to installation, restore /home/maxwell to /home/maxwell/home.old/maxwell.
- Restore other directories like /home/library
- Ideally, log out of 'maxwell' and into another user or root so that your logged in user 'maxwell' is not actively using any files in /home/maxwell.
- Move the /home/maxwell directory created by this new installation to a temporary location
  ```bash
  mv /home/maxwell /home/maxwell.fedora.new
  ```
- Move the restored /home/home.old/maxwell user directory to /home/maxwell for active use.
  ```bash
  mv /home/home.old/maxwell /home/maxwell
  ```
- Now login on the GUI as 'maxwell' to continue normal operation

Wayland prevents gnome-terminal from using its --geometry parameter to launch terminal windows in specific locations with specific sizes, so I switch back to the legacy X.org X11 window system.
- Modify /etc/gdm/custom.conf to look like this:
  ```
  # Uncomment the line below to force the login screen to use Xorg
  WaylandEnable=false
  DefaultSession=gnome-xorg.desktop
  ```

Upon next boot you should be in X11 instead of Wayland.
** This should now be done automatically via a Chef recipe, so just confirm it is in place.
- Add 'acpi_backlight' to /etc/default/grub
- Deploy a new grub.cfg file with the new kernel parameter
  ```bash
  grub2-mkconfig -o /boot/grub2/grub.cfg
  ```

With the provisioning complete, most of the major software deployments and configurations are complete.
Now is a good time to reboot the system and login.
Along the way, look for problems, errors and obvious things that are broken. Debug them and resolve them before moving on.
At this point the system is stable, so we can manually install some applications whose installation is difficult to reliably automate.
These applications are installed manually because their providers do not offer fixed download URLs or yum repositories, which makes quick and easy automation of the installations difficult.
- Install the most recent version of Slack ** This now has an Electron conflict with draw.io, so I use draw.io locally and Slack via a web page.
- Install VirtualBox Extension Pack. This appears to require a manual process.
- Install most recent draw.io rpm for Linux
- Install PyCharm - Python IDE. See the PyCharm download page.

This is an opportunity to perform any manual steps that have not been automated.
- Consider setting a static hostname (if not done earlier)
  ```bash
  sudo hostnamectl set-hostname mynode.maxlab
  ```
- Verify the timezone in use. Make sure it's correct
  ```
  timedatectl
  Local time: Thu 2020-01-09 22:44:18 MST
  Universal time: Fri 2020-01-10 05:44:18 UTC
  RTC time: Fri 2020-01-10 05:44:18
  Time zone: America/Denver (MST, -0700)
  System clock synchronized: yes
  NTP service: active
  RTC in local TZ: no
  ```

These settings should already be in place, but if using Station to setup a fresh Fedora installation where config files are not being restored, this is a guide to configure settings:
- General
  - Suspend lid on laptop close - disabled
- Keyboard & Mouse
  - Mouse Click Emulation: Area (to use touchpad areas, not 2-finger gestures)
- Top Bar
  - Show Weekday - enabled
  - Show Date - enabled
  - Show Battery Percentage - enabled
- Windows
  - Attach Modal Dialogs - enabled
  - Edge Tiling - enabled
  - Window Focus - Focus on Hover (Mousefocus)
- Window Titlebars
  - Double Click Titlebar Action - Toggle Maximize Vertically
  - Show Minimize - enabled
  - Show Maximize - enabled
- Workspaces
  - Static Workspaces - enabled
  - Number of Workspaces - 5
  - Display Handling - Workspaces Span Displays

These extensions modify the Gnome GUI environment in ways that make it significantly more comfortable so install them now:
Use Firefox to install these:
These are in addition to the extensions installed by default in Fedora or by the Chef provisioning script.
- Visit extensions.gnome.org and install the following extensions:
- Install the Firefox Gnome-Shell-Extension using the banner at the top of the Gnome Shell Extensions website.
- Freon by UshakovVasili - Gnome temperature sensors applet
- gTile - Window tiling, sizing and positioning
  - Customize this extension with details
    - Show Icon - disabled
    - Grid Sizes - Customize
    - Resize Presets - See screenshot elsewhere
    - Margins - 0 for all
- Launch New Instance - Always launch a new instance even if an application is already running
- OpenWeather - Weather conditions applet for Gnome title bar
  - Customize this extension with details
    - Set location - Denver, CO
- Recent Items by bananenfisch - Track recently opened files and add drop down applet to make re-opening them very easy
- Sound Input & Output Chooser by kgshank - Select active speakers and microphone. Very useful after docking/undocking laptops from desk to roaming.
  - Waiting for update for Fedora 35 compatibility
- Tweaks in System Menu - Customization to put Gnome Tweaks Tool launch icon in system menu near control panel icon for natural accessibility.
  - Waiting for update for Fedora 35 compatibility

- Configure Top Bar Clock with World Clock Eastern and UTC Time zones.
- Configure OpenWeather app for Denver weather, remove Tuvalu
- Configure WIFI: You may need to reconfigure access to known access points
- Configure Bluetooth: Disable if not using it for anything
- Configure Multitasking: Fixed Number of Workspaces: 6
- Configure Multitasking: Multi-Monitor: Workspaces on all displays
- Configure Multitasking: Application Switching: Include applications from the current workspace
- Configure Power: to not 'Automatic Suspend' after idle use
- Configure Power: to show battery Percentage
- Configure Power: Power Button Behavior does 'Nothing'
- Configure Keyboard Shortcuts: 'Lower window below other windows' via 'Menu' (key)
- Configure Printers: Re-configure any known printers as needed
- Configure Default Apps: Set Mail to 'Evolution'
- Configure Date & Time: Enable both 'Automatic Date & Time' and 'Automatic Time Zone'
- Configure Date & Time: Time format 24-hour

Apply a low contrast color palette to gnome-shell windows using [this guide on if-not-true-then-false.com](https://www.if-not-true-then-false.com/2012/solarized-linux/#solarized-gnome-terminal).
Apply the same to vim using this guide
Record any known workarounds to issues here so they can be easily performed on a new deployment.
Sometimes the vagrant deployed by Fedora doesn't support the latest release of VirtualBox used with Chef and Test Kitchen for ad-hoc testing in virtual machines.
Follow [this Oracle Blog post](https://blogs.oracle.com/scoter/post/getting-vagrant-23-working-with-oracle-vm-virtualbox-70-beta) or a similar one to modify a variety of vagrant files to treat VirtualBox N+1 as VirtualBox N.
Verify the items on this checklist immediately after installation of Fedora in order to identify and resolve problems now and not 5 minutes before a collaboration with others where you need them. This list is expected to grow.
Hardware
- Display uses native resolution and looks good in X
- Sound works through headphones jack
- Sound works through laptop speakers
- Sound works through USB dock speakers
- USB keyboard, mice and trackpads work
- Laptop screen can be closed and doesn't cause the laptop to sleep
- Wireless network connectivity works
- Wired network connectivity works
- Laptop continues showing power from AC, power from battery
Gnome UI
- Top bar has day name, date and time in 24 hour format
- Top bar has UTC time
- Openweather knows Denver location
- Recent files drop down shows recent files
- Mousefocus switches windows
- Right menu key lowers windows
Network
- Hostname is set to host.domain
- DNS works on local home lab network to resolve other nodes
- SSH allows incoming connections
Virtualization
- VirtualBox is installed, Extension pack installed
Shell
- Terminals come up using Solarized low contrast color scheme
- Terminals use bash and powerline prompt with custom config file
- vim keys work with Shell history in bash (set -o vi)
Applications
- Firefox is installed and sync'd with my account
- Evolution mail gets to IMAP accounts
- KeepassXC can load a password safe
- Draw.io allows diagramming
- LibreOffice installed and working
- Atom editor works
- You can get to Google Drive from the Nautilus File Manager
- Firefox is logged in and syncing bookmarks
- Chrome works
- Slack runs and is signed in
- Zoom runs, is signed in, can use microphone and webcams
CLI Tools
- The 'safe' command can open a LUKS safe file
- You can ssh to an AWS Bastion node for tunneling
- You can ssh through an AWS Bastion node for a private tunnel
- AWS CLI can list s3 buckets (simple example)
Editors
- Atom launches and can edit code
- VS Code launches and can edit code
- Pycharm launches and can edit and run Python code
Containers
- Docker Desktop GUI app launches and can find running docker engine daemon
- Docker can launch containers from command line
- Download and run the latest version of Lynis and review the security posture for vulnerabilities.
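
An added example, not part of the Station cookbook: the "limited inbound services" goal and the Network items of this checklist can be checked mechanically by comparing what firewalld reports against an allowlist. The allowlist contents, the function names and the sample zone data are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example; not part of the Station cookbook. Names are hypothetical.

# not_in_allowlist "ALLOWED" "ACTIVE"
# Prints each whitespace-separated item of ACTIVE that is absent from ALLOWED.
not_in_allowlist() {
    nia_allowed=$(echo $1)            # collapse runs of whitespace
    for nia_item in $2; do
        case " $nia_allowed " in
            *" $nia_item "*) ;;       # allowed, report nothing
            *) printf '%s\n' "$nia_item" ;;
        esac
    done
}

# audit_zone "ALLOWED_SERVICES" "ACTIVE_SERVICES" "ACTIVE_PORTS"
# Returns 0 when the zone exposes only allowed services and no raw ports,
# 1 otherwise. Each finding is printed on its own line.
audit_zone() {
    az_rc=0
    for az_svc in $(not_in_allowlist "$1" "$2"); do
        echo "unexpected service: $az_svc"
        az_rc=1
    done
    # Raw port entries bypass the named-service list, so flag every one.
    for az_port in $3; do
        echo "raw port open: $az_port"
        az_rc=1
    done
    return $az_rc
}

# On a live system the inputs come from firewalld itself:
#   audit_zone "ssh" "$(firewall-cmd --list-services)" "$(firewall-cmd --list-ports)"

# Constructed sample of a permissive workstation zone, usable offline.
SAMPLE_SERVICES="dhcpv6-client mdns samba-client ssh"
SAMPLE_PORTS="1025-65535/udp 1025-65535/tcp"
```

A non-zero return from `audit_zone` means the zone is wider than the allowlist, which is worth resolving before running the Lynis review.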