1. Install Debian 12 with RAID and LUKS by following SMRU IT documentation
2. Initial Configuration and Installation
2.1. Repositories
-
With root privileges, backup the sources.list file by typing
cp -a /etc/apt/sources.list /etc/apt/sources.list.org. -
Empty the sources.list file and add the following lines.
deb http://deb.debian.org/debian bookworm main non-free-firmware deb http://deb.debian.org/debian bookworm-updates main non-free-firmware deb http://deb.debian.org/debian-security/ bookworm-security main non-free-firmware
2.2. IP Address
-
With root privileges, backup the interfaces file by typing
cp -a /etc/network/interfaces /etc/network/interfaces.org. -
Remove the auto enp2s0 and iface enp2s0 inet dhcp lines if they exist in the interfaces file.
-
Append the following lines after the iface lo inet loopback line in the interfaces file.
auto enp2s0 iface enp2s0 inet static address 10.10.1.252 netmask 255.255.255.0 network 10.10.1.0 gateway 10.10.1.170
2.3. Sudo
-
Type
su -and press Enter. -
Type
apt-get install sudoand press Enter. -
Type
cp -a /etc/sudoers /etc/sudoers.organd press Enter. -
Type
adduser smru sudoto allow usage of sudo and press Enter. -
Type
update-alternatives --config editorand press Enter. -
Type
2to select /usr/bin/vim.tiny and press Enter. -
Type
visudoand press Enter. -
Append
*, rootpwto theDefaults env_resetline. -
Type
:wqand press Enter. -
Type
exitand press Enter.
2.4. SSH Server
-
Type
sudo apt-get install openssh-server -yand press Enter to install OpenSSH Server.
2.5. Vim
-
Type
sudo apt-get install vim -yand press Enter to install Vim. -
Type
sudo cp -a /etc/vim/vimrc /etc/vim/vimrc.organd press Enter to backup the vimrc file. -
Append the following lines to the /etc/vim/vimrc file using /usr/bin/vim.tiny.
" USER CUSTOM SETTINGS """"""""""""""""""""""""""""""""""""""""""""""""""""""""" autocmd VimEnter * setlocal formatoptions-=c autocmd VimEnter * setlocal formatoptions-=o autocmd VimEnter * setlocal formatoptions-=r autocmd VimEnter * setlocal formatoptions-=t autocmd VimEnter * setlocal mouse= set background=dark set encoding=utf-8 set hlsearch set ignorecase set paste set title set wrap """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-
Type
sudo update-alternatives --config editorand press Enter. -
Type
2to select /usr/bin/vim.basic and press Enter. -
Type
update-alternatives --config editorand press Enter. -
Type
2to select /usr/bin/vim.basic and press Enter. -
Type
sudo select-editorand press Enter. -
Type
2to select /usr/bin/vim.basic and press Enter. -
Type
select-editorand press Enter. -
Type
2to select /usr/bin/vim.basic and press Enter.
2.6. Users Color
-
Type
sudo mv /etc/skel/.bashrc /etc/skel/.bashrc.organd press Enter. -
Type
sudo mv /home/delta/.bashrc /home/delta/.bashrc.organd press Enter. -
Type
sudo cp -a /etc/bash.bashrc /etc/bash.bashrc.organd press Enter. -
Append the following lines to the /etc/bash.bashrc file.
# CUSTOM SETTINGS ############################################################## export EDITOR=vim export VISUAL=vim export HISTCONTROL=ignoreboth export HISTSIZE=10000 export HISTFILESIZE=20000 shopt -s histappend alias wdiff='diff -B -E -N -b -w -r' # A trailing space in the alias value causes the next word to be checked # for alias substitution when the alias is expanded. E.g. "sudo dir /". alias sudo='sudo ' alias vdir='ls --color=auto --show-control-chars -l' alias dir='ls --color=auto --show-control-chars' alias ls='ls --color=auto --show-control-chars' alias ll='ls --color=auto --show-control-chars -l' alias l='ls --color=auto --show-control-chars -lA' alias hex='od -t x1' # Some aliases to prevent making mistakes. alias cp='cp -i' alias mv='mv -i' alias rm='rm -i' # Disable <Ctrl-d> to prevent accidental log out. set -o ignoreeof # Don't echo control characters. if `tty -s`; then stty -echoctl fi # Show date and time in yellow, show user in light green, show hostname in light blue, show working directory in blue. PS1='\[\033[01;33m\]\D{%F %T} ${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;36m\]@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' ################################################################################ -
Type
sudo cp -a ~root/.bashrc ~root/.bashrc.organd press Enter. -
Append the following lines to the ~root/.bashrc file.
# CUSTOM SETTINGS ############################################################## # Show date and time in yellow, show user in red, show hostname in light blue, show working directory in blue. PS1='\[\033[01;33m\]\D{%F %T} ${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\u\[\033[01;36m\]@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' ################################################################################
3. Apache2
3.1. Installation
-
Type
sudo apt-get updateand press Enter. -
Type
sudo apt-get install apache2 -yand press Enter.
4. Microsoft .Net 8 SDK and ASP.NET Core Runtime
4.1. Prerequisites Installation
-
Enter the following commands at a Command Line.
sudo apt-get update sudo apt-get install -y wget apt-transport-https software-properties-com ls -al wget https://packages.microsoft.com/config/debian/12/packages-microsoft-prod.deb -O packages-microsoft-prod.deb ls -al sudo dpkg -i packages-microsoft-prod.deb sudo apt-get update sudo apt-get install -y dotnet-sdk-8.0 sudo apt-get install -y aspnetcore-runtime-8.0 dotnet --info
5. Git
5.1. Installation
-
Enter the following commands at a Command Line.
sudo apt-get update sudo apt-get install -y git git --version
6. PostgreSQL
6.1. Installation
-
Enter the following commands at a Command Line.
# Install Prerequisites sudo apt-get update sudo apt-get install -y curl gnupg2 lsb-release # Import the PostgreSQL GPG key curl -fsSL https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo gpg --dearmor -o /usr/share/keyrings/postgresql.gpg # Add the repository echo "deb [signed-by=/usr/share/keyrings/postgresql.gpg] http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" | sudo tee /etc/apt/sources.list.d/pgdg.list sudo apt-get update sudo apt-get install -y postgresql psql --version sudo pg_ctlcluster 17 main status sudo pg_ctlcluster 17 main start sudo pg_ctlcluster 17 main status
6.2. Configuration
-
Enter the following commands at a Command Line.
sudo su - postgres -c 'psql --list' sudo su - postgres -c 'psql --dbname postgres --command "\du+"' sudo su - postgres -c 'createuser --createdb --inherit --login --no-createrole --pwprompt --superuser smru' sudo su - postgres -c 'createuser --no-superuser --no-createdb --no-createrole --login --no-inherit --pwprompt a sudo cp -a /etc/postgresql/17/main/pg_hba.conf /etc/postgresql/17/main/pg_hba.conf.org sudo cp -a /etc/postgresql/17/main/postgresql.conf /etc/postgresql/17/main/postgresql.conf.org -
Append the following lines to the /etc/postgresql/17/main/pg_hba.conf file.
# IPv4 local connections. host all all 10.10.1.0/24 scram-sha-256 # LAN SMRU office
-
Append the following lines to the /etc/postgresql/17/main/postgresql.conf file.
# - Connection Settings - listen_addresses = '*'
-
Enter the following commands at a Command Line.
sudo service postgresql status sudo service postgresql restart sudo service postgresql status
7. Deployment
7.1. Create SystemD service for PMS App
-
Enter the following commands at a Command Line.
sudo ls -al /var/www sudo cp -r /home/delta/publish/pmsapp /var/www sudo ls -al /var/www -
Create the systemd service for pmsapp.
-
Create the /etc/systemd/system/pmsapp.service file with the following content.
[Unit] Description=PMS App [Service] WorkingDirectory=/var/www/pmsapp ExecStart=/usr/bin/dotnet /var/www/pmsapp/Pms.Server.dll Restart=always RestartSec=10 KillSignal=SIGINT SyslogIdentifier=pmsapp User=root Environment=ASPNETCORE_ENVIRONMENT=Production [Install] WantedBy=multi-user.target
-
Enter the following commands at a Command Line.
sudo systemctl daemon-reexec sudo systemctl status pmsapp sudo systemctl enable pmsapp sudo systemctl start pmsapp sudo systemctl status pmsapp
7.2. Configure Apache as a Reverse Proxy
-
Enter the following commands at a Command Line.
sudo a2enmod proxy sudo a2enmod proxy_http -
Create the /etc/apache2/sites-available/pmsapp.conf file with the following content.
<VirtualHost *:80> ServerName 10.10.1.252 ProxyPreserveHost On ProxyPass / http://localhost:5000/ ProxyPassReverse / http://localhost:5000/ ErrorLog ${APACHE_LOG_DIR}/pmsapp-error.log CustomLog ${APACHE_LOG_DIR}/pmsapp-access.log combined </VirtualHost>
7.3. Enable the pmsapp site
-
Enter the following commands at a Command Line.
sudo ls -al /etc/sites-available sudo ls -al /etc/sites-enable sudo a2ensite pmsapp sudo a2dissite 000-default.conf sudo systemctl restart apache2
7.4. Postgresql
-
Enter the following commands at a Command Line.
psql --list psql --dbname postgres --command '\du+' #sudo -i -u postgres psql --dbname postgres CREATE DATABASE "anc-mkt"; \q exit pg_restore -U smru -d anc-mkt /home/delta/anc-mkt.tar -
Change the PmsDbConnection to the right string in the /var/www/pmsapp/appsettings.json.
7.5. Test for WPA
-
Login to TBHF-ANC-FRL with smru user.
-
Enter the following commands at a Command Line.
# Backup the anc-wpa database from TBHF-ANC-WPA. pg_dump -h 192.168.27.2 -d anc-wpa -U smru -Ft -f /home/delta/anc-wpa.tar psql --list psql --dbname postgres --command '\du+' psql --dbname postgres CREATE DATABASE "anc-wpa-for-test"; \q # Restore the anc-wpa database to TBHF-ANC-FRL anc-wpa-for-test database. pg_restore -U smru -d anc-wpa-for-test /home/delta/anc-wpa.tar # Run the migration script psql -U smru -d anc-wpa-for-test -a -f /home/delta/dah-tmp/01-Add-Primary-Key.sql psql -U smru -d anc-wpa-for-test -a -f /home/delta/dah-tmp/02-Add-Enter-Date.sql psql -U smru -d anc-wpa-for-test -a -f /home/delta/dah-tmp/03-Add-Jaundice.sql psql -U smru -d anc-wpa-for-test -a -f /home/delta/dah-tmp/01-Add-Configuration.sql