Jekyll2020-09-21T02:29:40+00:00https://zshmobi.com/feed.xmlZshMobiWrite an awesome description for your new site here. You can edit this line in _config.yml. It will appear in your document head meta (for Google search results) and in your feed.xml site description.GitHub UserHow To Load Apache Proxy Module in Qnap2020-03-14T00:00:00+00:002020-03-14T00:00:00+00:00https://zshmobi.com/2020/03/14/How-To-Load-Apache-Module-In-Qnap<p>Log in to the Qnap as administrator via SSH.</p>
<p>To View the list of avaliable Apache modules, go to</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>/usr/local/apache/modules
</code></pre></div></div>
<p>To view those modules have already load, open this file</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>/etc/config/apache/extra/apache-default-modules.conf
</code></pre></div></div>
<p>You should add proxy modules to the main configuration of Apache, showed as below, not the <code class="language-plaintext highlighter-rouge">apache-default-modules.conf</code></p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>/etc/config/apache/apache.conf
</code></pre></div></div>
<p>Just append these lines into the conf</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># Added by xxx, xx/xx/2020 23:21:00</span>
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
</code></pre></div></div>
<p>Create a new virtual host configuration through qnap web UI , by going to</p>
<blockquote>
<p><strong>Main Menu</strong> > <strong>Control Panel</strong> > <strong>Applications</strong> > <strong>Web Server</strong> > <strong>Virtual Host</strong> > <strong>Create New Virtual Host</strong>.</p>
</blockquote>
<p>Fill in your virtual host information as you like in the correct position, such as</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># hostname </span>
test.com
<span class="c"># port</span>
80
</code></pre></div></div>
<p>Now open the configuration of user vhost , <code class="language-plaintext highlighter-rouge">/etc/config/apache/extra/httpd-vhosts-user.conf</code></p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>NameVirtualHost <span class="k">*</span>:80
<VirtualHost _default_:80>
DocumentRoot <span class="s2">"/share/Web"</span>
</VirtualHost>
<span class="c"># The vhost your added before</span>
<VirtualHost <span class="k">*</span>:80>
ServerName test.com
DocumentRoot <span class="s2">"/share/Public"</span>
<Directory <span class="s2">"/share/Public"</span><span class="o">></span>
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
</code></pre></div></div>
<p>Update some options to support proxy module that client can browse web application behind apache whose port is 8080.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>NameVirtualHost <span class="k">*</span>:80
<VirtualHost _default_:80>
DocumentRoot <span class="s2">"/share/Web"</span>
</VirtualHost>
<VirtualHost <span class="k">*</span>:80>
ServerName test.com
ProxyRequests off
<Proxy <span class="k">*</span><span class="o">></span>
<span class="c">#Order allow,deny</span>
Require all granted
</Proxy>
ProxyPass <span class="s2">"/"</span> <span class="s2">"http://127.0.0.1:8080/"</span>
ProxyPassReverse <span class="s2">"/"</span> <span class="s2">"http://127.0.0.1:8080/"</span>
</VirtualHost>
</code></pre></div></div>
<p>At last, restart Apache service.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code> /etc/init.d/Qthttpd.sh restart
</code></pre></div></div>
<p>BOOM!!! đ Enjoy yourself.</p>GitHub UserLog in to the Qnap as administrator via SSH.When the Camellia Blooms2019-10-26T00:00:00+00:002019-10-26T00:00:00+00:00https://zshmobi.com/2019/10/26/When-the-camellia-blooms<p>It took a whole Saturday night to watch this Korean TV show, which was crazy for me.</p>
<p>I must admit this soap TV show reminds me of the feeling you fall in love with someone.</p>
<p>I am looking forward to the second season, wondering what happens to them.</p>
<p>Click <a href="https://www.themoviedb.org/tv/93097">HERE</a> for more information about this TV show.</p>GitHub UserIt took a whole Saturday night to watch this Korean TV show, which was crazy for me.How To Deploy DNS Master-Slave Service2019-09-27T00:00:00+00:002019-09-27T00:00:00+00:00https://zshmobi.com/2019/09/27/How-To-Deploy-DNS-Master-Slave-Service<p>There are some experiment information I should mentioned as blow</p>
<table>
<thead>
<tr>
<th>Server Type</th>
<th>IP Address</th>
<th>Domain Name</th>
</tr>
</thead>
<tbody>
<tr>
<td>Master</td>
<td>192.168.50.11</td>
<td>master.sparkle.local</td>
</tr>
<tr>
<td>Slave</td>
<td>192.168.50.22</td>
<td>slave.sparkle.local</td>
</tr>
</tbody>
</table>
<h2 id="master">Master</h2>
<p>Install required RPM packages.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>yum <span class="nb">install</span> <span class="nt">-y</span> <span class="nb">bind </span>bind-utils
</code></pre></div></div>
<p>Modify the main configuration file saved in <code class="language-plaintext highlighter-rouge">/etc/named.conf</code></p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>options <span class="o">{</span>
<span class="c"># add master ip address</span>
listen-on port 53 <span class="o">{</span> 127.0.0.1<span class="p">;</span>192.168.50.11<span class="p">;</span> <span class="o">}</span><span class="p">;</span>
<span class="c">#listen-on-v6 port 53 { ::1; }; # disable ipv6 I don't want </span>
directory <span class="s2">"/var/named"</span><span class="p">;</span>
dump-file <span class="s2">"/var/named/data/cache_dump.db"</span><span class="p">;</span>
statistics-file <span class="s2">"/var/named/data/named_stats.txt"</span><span class="p">;</span>
memstatistics-file <span class="s2">"/var/named/data/named_mem_stats.txt"</span><span class="p">;</span>
<span class="c"># define client ip range which can use current dns service</span>
allow-query <span class="o">{</span> localhost<span class="p">;</span>0.0.0.0/0<span class="p">;</span> <span class="o">}</span><span class="p">;</span>
<span class="c"># transfer to the slave server</span>
allow-transfer <span class="o">{</span> 192.168.50.22<span class="p">;</span><span class="o">}</span><span class="p">;</span>
recursion <span class="nb">yes</span><span class="p">;</span>
dnssec-enable <span class="nb">yes</span><span class="p">;</span>
dnssec-validation <span class="nb">yes</span><span class="p">;</span>
/<span class="k">*</span> Path to ISC DLV key <span class="k">*</span>/
bindkeys-file <span class="s2">"/etc/named.iscdlv.key"</span><span class="p">;</span>
managed-keys-directory <span class="s2">"/var/named/dynamic"</span><span class="p">;</span>
pid-file <span class="s2">"/run/named/named.pid"</span><span class="p">;</span>
session-keyfile <span class="s2">"/run/named/session.key"</span><span class="p">;</span>
<span class="o">}</span><span class="p">;</span>
logging <span class="o">{</span>
channel default_debug <span class="o">{</span>
file <span class="s2">"data/named.run"</span><span class="p">;</span>
severity dynamic<span class="p">;</span>
<span class="o">}</span><span class="p">;</span>
<span class="o">}</span><span class="p">;</span>
zone <span class="s2">"."</span> IN <span class="o">{</span>
<span class="nb">type </span>hint<span class="p">;</span>
file <span class="s2">"named.ca"</span><span class="p">;</span>
<span class="o">}</span><span class="p">;</span>
<span class="c"># define master forward zone configuration</span>
zone <span class="s2">"sparkle.local"</span> IN <span class="o">{</span>
<span class="nb">type </span>master<span class="p">;</span>
file <span class="s2">"sparkle.local.zone"</span><span class="p">;</span>
notify <span class="nb">yes</span><span class="p">;</span>
allow-update <span class="o">{</span> none<span class="p">;</span> <span class="o">}</span><span class="p">;</span>
<span class="o">}</span><span class="p">;</span>
<span class="c"># define master reverse zone configuration</span>
zone <span class="s2">"50.168.192.in-addr.arpa"</span> IN <span class="o">{</span>
<span class="nb">type </span>master<span class="p">;</span>
file <span class="s2">"50.168.192.zone"</span><span class="p">;</span>
notify <span class="nb">yes</span><span class="p">;</span>
allow-update <span class="o">{</span> none<span class="p">;</span> <span class="o">}</span><span class="p">;</span>
<span class="o">}</span><span class="p">;</span>
include <span class="s2">"/etc/named.rfc1912.zones"</span><span class="p">;</span>
include <span class="s2">"/etc/named.root.key"</span><span class="p">;</span>
</code></pre></div></div>
<p>Create forward zone configuration saved in <code class="language-plaintext highlighter-rouge">/var/named/sparkle.local.zone </code></p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$TTL</span> 86400
@ IN SOA master.sparkle.local. root.sparkle.local. <span class="o">(</span>
2011071001 <span class="p">;</span>Serial
3600 <span class="p">;</span>Refresh
1800 <span class="p">;</span>Retry
604800 <span class="p">;</span>Expire
86400 <span class="p">;</span>Minimum TTL
<span class="o">)</span>
@ IN NS master.sparkle.local.
@ IN NS slave.sparkle.local.
@ IN A 192.168.50.11
@ IN A 192.168.50.22
master IN A 192.168.50.11
slave IN A 192.168.50.22
</code></pre></div></div>
<p>Create reverse zone configuration saved in <code class="language-plaintext highlighter-rouge">/var/named/50.168.192.zone </code></p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$TTL</span> 86400
@ IN SOA master.sparkle.local. root.sparkle.local. <span class="o">(</span>
2011071001 <span class="p">;</span>Serial
3600 <span class="p">;</span>Refresh
1800 <span class="p">;</span>Retry
604800 <span class="p">;</span>Expire
86400 <span class="p">;</span>Minimum TTL
<span class="o">)</span>
@ IN NS master.sparkle.local.
@ IN NS slave.sparkle.local.
@ IN PTR sparkle.local.
master IN A 192.168.50.11
slave IN A 192.168.50.22
</code></pre></div></div>
<p>Check if the main configuration file is correct or not.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># it's right for nothing output</span>
<span class="nv">$ </span>named-checkconf /etc/named.conf
<span class="c"># It's right for the output contains OK, otherwise you should check the zone config again</span>
<span class="nv">$ </span>named-checkzone sparkle.local /var/named/sparkle.forward
<span class="nv">$ </span>named-checkzone sparkle.local /var/named/sparkle.reverse
</code></pre></div></div>
<p>Start and enable the named service.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>systemctl start named
<span class="nv">$ </span>systemctl <span class="nb">enable </span>named
</code></pre></div></div>
<p>Update network interface configuration to use current DNS address.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>vim /etc/sysconfig/network-scripts/ifcfg-ens192
<span class="c"># add these lines</span>
<span class="nv">DNS1</span><span class="o">=</span>192.168.50.11
<span class="nv">DNS2</span><span class="o">=</span>192.168.50.22
</code></pre></div></div>
<p>Update <code class="language-plaintext highlighter-rouge">/etc/resolv.conf</code> to use current DNS address.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">cat</span> /etc/resolv.conf
nameserver 192.168.50.11 <span class="c">#master</span>
nameserver 192.168.50.22 <span class="c">#slave</span>
</code></pre></div></div>
<p>Restart the network service</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>systemctl restart network
</code></pre></div></div>
<p>Allow the DNS service default port 53 through iptables.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># iptables</span>
<span class="nv">$ </span>iptables <span class="nt">-I</span> INPUT <span class="nt">-m</span> state <span class="nt">--state</span> NEW <span class="nt">-p</span> tcp <span class="nt">--dport</span> 53 <span class="nt">-j</span> ACCEPT
<span class="nv">$ </span>iptables <span class="nt">-I</span> INPUT <span class="nt">-m</span> state <span class="nt">--state</span> NEW <span class="nt">-p</span> udp <span class="nt">--dport</span> 53 <span class="nt">-j</span> ACCEPT
<span class="c"># firewalld</span>
<span class="nv">$ </span>firewall-cmd <span class="nt">--permanent</span> <span class="nt">--add-port</span><span class="o">=</span>53/tcp
<span class="nv">$ </span>firewall-cmd <span class="nt">--permanent</span> <span class="nt">--add-port</span><span class="o">=</span>53/udp
<span class="nv">$ </span>firewall-cmd <span class="nt">--reload</span>
</code></pre></div></div>
<h2 id="slave">Slave</h2>
<p>Install required RPM packages.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>yum <span class="nb">install</span> <span class="nt">-y</span> <span class="nb">bind </span>bind-utils
</code></pre></div></div>
<p>Modify the main configuration file saved in <code class="language-plaintext highlighter-rouge">/etc/named.conf</code></p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>options <span class="o">{</span>
<span class="c"># add slave ip address</span>
listen-on port 53 <span class="o">{</span> 127.0.0.1<span class="p">;</span>192.168.50.22<span class="p">;</span> <span class="o">}</span><span class="p">;</span>
<span class="c">#listen-on-v6 port 53 { ::1; }; # disable ipv6 I don't want </span>
directory <span class="s2">"/var/named"</span><span class="p">;</span>
dump-file <span class="s2">"/var/named/data/cache_dump.db"</span><span class="p">;</span>
statistics-file <span class="s2">"/var/named/data/named_stats.txt"</span><span class="p">;</span>
memstatistics-file <span class="s2">"/var/named/data/named_mem_stats.txt"</span><span class="p">;</span>
<span class="c"># define client ip range which can use current dns service</span>
allow-query <span class="o">{</span> localhost<span class="p">;</span>0.0.0.0/0<span class="p">;</span> <span class="o">}</span><span class="p">;</span>
recursion <span class="nb">yes</span><span class="p">;</span>
dnssec-enable <span class="nb">yes</span><span class="p">;</span>
dnssec-validation <span class="nb">yes</span><span class="p">;</span>
/<span class="k">*</span> Path to ISC DLV key <span class="k">*</span>/
bindkeys-file <span class="s2">"/etc/named.iscdlv.key"</span><span class="p">;</span>
managed-keys-directory <span class="s2">"/var/named/dynamic"</span><span class="p">;</span>
pid-file <span class="s2">"/run/named/named.pid"</span><span class="p">;</span>
session-keyfile <span class="s2">"/run/named/session.key"</span><span class="p">;</span>
<span class="o">}</span><span class="p">;</span>
logging <span class="o">{</span>
channel default_debug <span class="o">{</span>
file <span class="s2">"data/named.run"</span><span class="p">;</span>
severity dynamic<span class="p">;</span>
<span class="o">}</span><span class="p">;</span>
<span class="o">}</span><span class="p">;</span>
zone <span class="s2">"."</span> IN <span class="o">{</span>
<span class="nb">type </span>hint<span class="p">;</span>
file <span class="s2">"named.ca"</span><span class="p">;</span>
<span class="o">}</span><span class="p">;</span>
<span class="c"># define slave forward zone configuration</span>
zone <span class="s2">"sparkle.local"</span> IN <span class="o">{</span>
<span class="nb">type </span>slave<span class="p">;</span>
file <span class="s2">"slaves/sparkle.local.zone"</span><span class="p">;</span>
masters <span class="o">{</span> 192.168.50.11<span class="p">;</span> <span class="o">}</span><span class="p">;</span>
<span class="o">}</span><span class="p">;</span>
<span class="c"># define slave reverse zone configuration</span>
zone <span class="s2">"50.168.192.in-addr.arpa"</span> IN <span class="o">{</span>
<span class="nb">type </span>slave<span class="p">;</span>
file <span class="s2">"slaves/50.168.192.zone"</span><span class="p">;</span>
masters <span class="o">{</span> 192.168.50.11<span class="p">;</span> <span class="o">}</span><span class="p">;</span>
<span class="o">}</span><span class="p">;</span>
include <span class="s2">"/etc/named.rfc1912.zones"</span><span class="p">;</span>
include <span class="s2">"/etc/named.root.key"</span><span class="p">;</span>
</code></pre></div></div>
<p>Check if the main configuration file is correct or not.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># it's right for nothing output</span>
<span class="nv">$ </span>named-checkconf /etc/named.conf
</code></pre></div></div>
<p>Start and enable named service</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>systemctl start named
<span class="nv">$ </span>systemctl <span class="nb">enable </span>named
</code></pre></div></div>
<p>There is no need to create zone configurations manually at this time, which will be sync by master named service. But you should check the zone configurations exist or not after about 5 minutes , maybe less.</p>
<p>Update network interface configuration to use current DNS address.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>vim /etc/sysconfig/network-scripts/ifcfg-ens192
<span class="c"># add these lines</span>
<span class="nv">DNS1</span><span class="o">=</span>192.168.50.11
<span class="nv">DNS2</span><span class="o">=</span>192.168.50.22
</code></pre></div></div>
<p>Update <code class="language-plaintext highlighter-rouge">/etc/resolv.conf</code> to use current DNS address.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">cat</span> /etc/resolv.conf
nameserver 192.168.50.11 <span class="c">#master</span>
nameserver 192.168.50.22 <span class="c">#slave</span>
</code></pre></div></div>
<h2 id="client">Client</h2>
<p>Assuming the client system is centos 7. There are 3 ways to check if the DNS service is correct or not.</p>
<p>Make sure you have updated network interface configuration and resolve configuration.</p>
<ul>
<li>Ping</li>
</ul>
<p>The easiest way to check domain name.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>ping master.sparcle.local
Reply from 192.168.50.11: <span class="nv">bytes</span><span class="o">=</span>32 <span class="nb">time</span><span class="o">=</span>1ms <span class="nv">TTL</span><span class="o">=</span>126
</code></pre></div></div>
<ul>
<li>nslookup</li>
</ul>
<p>The flexible way you can specify which DNS address you want to use.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># use default dns address to check domain name</span>
<span class="nv">$ </span>nslookup master.sparcle.local
Server: 192.168.50.11
Address: 192.168.50.11#53
Name: master.sparcle.local
Address: 192.168.50.11
<span class="c"># use slave dns address to check domain name</span>
<span class="nv">$ </span>nslookup master.sparcle.local 192.168.50.22
Server: 192.168.50.22
Address: 192.168.50.22#53
Name: master.sparcle.local
Address: 192.168.50.11
</code></pre></div></div>
<ul>
<li>dig</li>
</ul>
<p>The way you can get full information about domain name .</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>dig master.sparcle.local
<span class="p">;</span> <<<span class="o">>></span> DiG 9.9.4-RedHat-9.9.4-61.el7 <<<span class="o">>></span> vcenter.ztrx.gz
<span class="p">;;</span> global options: +cmd
<span class="p">;;</span> Got answer:
<span class="p">;;</span> ->>HEADER<span class="o"><<-</span> <span class="no">opcode</span><span class="sh">: QUERY, status: NOERROR, id: 56346
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;master.sparcle.local. IN A
;; ANSWER SECTION:
master.sparcle.local. 86400 IN A 192.168.50.11
;; AUTHORITY SECTION:
ztrx.gz. 86400 IN NS master.sparcle.local.
;; ADDITIONAL SECTION:
master.sparcle.local. 86400 IN A 192.168.50.11
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Nov 18 10:23:49 CST 2019
;; MSG SIZE rcvd: 97
</span></code></pre></div></div>
<h2 id="sync">Sync</h2>
<p>Assume you want to add a new A record to DNS service like this</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>ping test.sparcle.local
Reply from 192.168.50.33: <span class="nv">bytes</span><span class="o">=</span>32 <span class="nb">time</span><span class="o">=</span>1ms <span class="nv">TTL</span><span class="o">=</span>126
</code></pre></div></div>
<p>Add this line to both forward zone configuration file and reverse zone configuration file in master server.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>slave IN A 192.168.50.33
</code></pre></div></div>
<p>The most <code class="language-plaintext highlighter-rouge">important</code> thing is that change the <code class="language-plaintext highlighter-rouge">Serial</code> value and make it larger than before, or the slave server can not get update record from master server.</p>GitHub UserThere are some experiment information I should mentioned as blowHow to deploy local http yum repository2019-09-25T00:00:00+00:002019-09-25T00:00:00+00:00https://zshmobi.com/2019/09/25/How-To-deploy-local-http-yum-repository<p>Installing some RPM packages without WAN network can be painful. Why not deploy a local http yum repository to manage your rpm packages.</p>
<p>Assume we have two host just like this</p>
<ol>
<li>CentOS 7 Server - 1.2.3.4</li>
<li>CentOS 7 Client - 1.2.3.5</li>
</ol>
<h2 id="server">Server</h2>
<p>Mount CentOS 7 DVD iso into the server .</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">mkdir</span> <span class="nt">-pv</span> /media/CentOS
<span class="nv">$ </span>mount /dev/cd-rom /media/CentOS
</code></pre></div></div>
<p>Create local yum repository</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># create local repository directory</span>
<span class="nv">$ </span><span class="nb">mkdir</span> <span class="nt">-pv</span> /data/mylocal
<span class="c"># sync rpm packages</span>
<span class="nv">$ </span><span class="nb">cp</span> <span class="nt">-ap</span> /media/CentOS/<span class="k">*</span> /data/mylocal
<span class="c"># create local repository info</span>
<span class="nv">$ </span>yum <span class="nt">-y</span> <span class="nb">install </span>createrepo <span class="nt">--disablerepo</span><span class="o">=</span><span class="s1">'*'</span> <span class="nt">--enablerepo</span><span class="o">=</span><span class="s1">'c7-media'</span>
<span class="nv">$ </span>createrepo /data/mylocal
</code></pre></div></div>
<p>Create local yum repository configuration and Test it</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>vim /etc/yum.repos.d/mylocal.repo
<span class="o">[</span>mylocal]
<span class="nv">name</span><span class="o">=</span>mylocal
<span class="nv">baseurl</span><span class="o">=</span>file://data/mylocal
<span class="nv">enabled</span><span class="o">=</span>1
<span class="nv">gpgcheck</span><span class="o">=</span>0
<span class="nv">$ </span>yum clean all <span class="o">&&</span> yum repolist all
<span class="c"># test the repository</span>
<span class="nv">$ </span>yum search vsftp <span class="nt">--disablerepo</span><span class="o">=</span><span class="s1">'*'</span> <span class="nt">--enablerepo</span><span class="o">=</span>mylocal
</code></pre></div></div>
<p>Add a virtual host configuration in nginx.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>yum <span class="nt">-y</span> <span class="nb">install </span>nginx
<span class="nv">$ </span>vim /etc/nginx/conf.d/mylocal.conf
server <span class="o">{</span>
listen 8090<span class="p">;</span>
server_name your_server_name<span class="p">;</span>
root /data/mylocal<span class="p">;</span>
location / <span class="o">{</span>
autoindex on<span class="p">;</span> <span class="c"># Make Sure this line exist !</span>
<span class="o">}</span>
<span class="o">}</span>
<span class="nv">$ </span><span class="nb">sudo </span>nginx <span class="nt">-t</span>
<span class="nv">$ </span>systemctl reload nginx
<span class="nv">$ </span>systemctl <span class="nb">enable </span>nginx
</code></pre></div></div>
<p>Consider the only repository is <code class="language-plaintext highlighter-rouge">mylocal</code> , you can delete other <code class="language-plaintext highlighter-rouge">*.repo</code> saved in <code class="language-plaintext highlighter-rouge">/etc/yum.repos.d</code> , which make <strong>mylocal</strong> as the default repository.</p>
<p>Allow the port you defined in nginx virtual host through iptables.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># port 8090 defined in nginx </span>
<span class="nv">$ </span>iptable <span class="nt">-I</span> INPUT <span class="nt">-m</span> state <span class="nt">--state</span> NEW <span class="nt">-p</span> tcp <span class="nt">--dport</span> 8090 <span class="nt">-j</span> ACCEPT
</code></pre></div></div>
<p>Remember to umount the DVD iso .</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>umount /media/CentOS
</code></pre></div></div>
<h2 id="client">Client</h2>
<p>Add a new repository configuration saved in <code class="language-plaintext highlighter-rouge">/etc/yum.repos.d/mylocal</code> .</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>vim /etc/yum.repos.d/mylocal.repo
<span class="o">[</span>mylocal]
<span class="nv">name</span><span class="o">=</span>mylocal
<span class="nv">baseurl</span><span class="o">=</span>http://192.168.50.11:8090
<span class="nv">enabled</span><span class="o">=</span>1
<span class="nv">gpgcheck</span><span class="o">=</span>0
</code></pre></div></div>
<p>Set <strong>mylocal</strong> as default repository and update yum cache.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">mv </span>CentOS-<span class="k">*</span>.repo /tmp
<span class="nv">$ </span>yum clean all <span class="o">&&</span> yum makecache
</code></pre></div></div>
<p>Try to install a rpm package whether the repository run correctly or not.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>yum <span class="nb">install </span>w3m <span class="nt">-y</span>
</code></pre></div></div>
<h2 id="update-repository">Update Repository</h2>
<p>You need to update repository manually, when you want to add some new packages.</p>
<p>Assume you want to add package <strong>vsftpd</strong> . The package dependence could be solved by <em>yum</em> command.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># execute these command in a centos contain WAN network</span>
<span class="c"># clear cache packages</span>
<span class="nv">$ </span>find /var/cache/yum/x86_64/7 <span class="nt">-name</span> <span class="s2">"*.rpm"</span> <span class="nt">-exec</span> <span class="nb">rm</span> <span class="nt">-f</span> <span class="o">{}</span> <span class="se">\;</span>
<span class="c"># download vsftpd package</span>
<span class="nv">$ </span>yum <span class="nb">install </span>vsftpd
Resolving Dependencies
<span class="nt">--</span><span class="o">></span> Running transaction check
<span class="nt">---</span><span class="o">></span> Package vsftpd.x86_64 0:3.0.2-25.el7 will be installed
<span class="nt">--</span><span class="o">></span> Finished Dependency Resolution
Dependencies Resolved
<span class="o">==============================================================</span>
Package Arch Version Repository Size
<span class="o">=====================================================================</span>
Installing:
vsftpd x86_64 3.0.2-25.el7 base 171 k
Transaction Summary
<span class="o">======================================================================</span>
Install 1 Package
Total download size: 171 k
Installed size: 353 k
Is this ok <span class="o">[</span>y/d/N]: d <span class="c"># Choose d !!! </span>
Background downloading packages, <span class="k">then </span>exiting:
vsftpd-3.0.2-25.el7.x86_64.rpm | 171 kB 00:00:06
exiting because <span class="s2">"Download Only"</span> specified
<span class="c"># tar all of the related packages </span>
<span class="nv">$ </span><span class="nb">mkdir</span> <span class="nt">-pv</span> /tmp/vsfptd
<span class="nv">$ </span>find /var/cache/yum/x86_64/7 <span class="nt">-name</span> <span class="s2">"*.rpm"</span> <span class="nt">-exec</span> <span class="nb">cp</span> <span class="o">{}</span> /tmp/vsftpd <span class="se">\;</span>
<span class="nv">$ </span><span class="nb">cd</span> /tmp/vsftpd <span class="o">&&</span> <span class="nb">tar</span> <span class="nt">-jcf</span> vsftpd_rpms.tar.bz2 <span class="k">*</span>.rpm
</code></pre></div></div>
<p>Upload the <strong>vsftpd_rpms.tar.bz2</strong> to server , which means the <em>192.168.50.11</em>, then create repository once again.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># assume vsftpd_rpms.tar.bz2 saved in /usr/local/src</span>
<span class="nv">$ </span><span class="nb">tar</span> <span class="nt">-xf</span> /usr/local/src/vsftpd_rpms.tar.bz2 <span class="nt">-C</span> /data/mylocal/Packages
<span class="nv">$ </span>createrepo /data/mylocal
</code></pre></div></div>
<p>BOOM ! Well Done ! You do a great job.</p>GitHub UserInstalling some RPM packages without WAN network can be painful. Why not deploy a local http yum repository to manage your rpm packages.How To Use Iptables2019-02-18T00:00:00+00:002019-02-18T00:00:00+00:00https://zshmobi.com/2019/02/18/How-To-Use-Iptables<p>Iptables is a very important skill that must be learned by every system administrator.</p>
<!--more-->
<h2 id="basic-usage">Basic Usage</h2>
<p>Enable iptables on centos 7 as root.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>systemctl stop firewalld
<span class="nv">$ </span>yum <span class="nb">install</span> <span class="nt">-y</span> iptables-servers
<span class="nv">$ </span>systemctl start iptables
<span class="nv">$ </span>systemctl <span class="nb">enable </span>iptables
</code></pre></div></div>
<p>There are 3 tables including <code class="language-plaintext highlighter-rouge">NAT</code>, <code class="language-plaintext highlighter-rouge">FILTER</code>, <code class="language-plaintext highlighter-rouge">MANGLE</code> and 5 chains including <code class="language-plaintext highlighter-rouge">PREROUTING</code>, <code class="language-plaintext highlighter-rouge">POSTROUTING</code>, <code class="language-plaintext highlighter-rouge">INPUT</code>, <code class="language-plaintext highlighter-rouge">OUTPUT</code> , <code class="language-plaintext highlighter-rouge">REDIRECT</code> . Different chains depends on the specific table.</p>
<p>Iptables default configuration file is <code class="language-plaintext highlighter-rouge">/etc/sysconfig/iptables</code>, anytime you restart the service, it will read iptables rules from the file. Letâs see the default rules looks like.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># /etc/sysconfig/iptables</span>
<span class="k">*</span>nat
:PREROUTING ACCEPT <span class="o">[</span>0:0] <span class="c"># default policy is ACCEPT</span>
:INPUT ACCEPT <span class="o">[</span>0:0] <span class="c"># default policy is ACCEPT</span>
:OUTPUT ACCEPT <span class="o">[</span>0:0] <span class="c"># default policy is ACCEPT</span>
:POSTROUTING ACCEPT <span class="o">[</span>0:0] <span class="c"># default policy is ACCEPT</span>
COMMIT
<span class="k">*</span>filter
:INPUT ACCEPT <span class="o">[</span>0:0] <span class="c"># default policy is ACCEPT</span>
:FORWARD ACCEPT <span class="o">[</span>0:0] <span class="c"># default policy is ACCEPT</span>
:OUTPUT ACCEPT <span class="o">[</span>0:0] <span class="c"># default policy is ACCEPT</span>
<span class="nt">-A</span> INPUT <span class="nt">-m</span> state <span class="nt">--state</span> RELATED,ESTABLISHED <span class="nt">-j</span> ACCEPT
<span class="nt">-A</span> INPUT <span class="nt">-p</span> icmp <span class="nt">-j</span> ACCEPT
<span class="nt">-A</span> INPUT <span class="nt">-i</span> lo <span class="nt">-j</span> ACCEPT
<span class="nt">-A</span> INPUT <span class="nt">-p</span> tcp <span class="nt">-m</span> state <span class="nt">--state</span> NEW <span class="nt">-m</span> tcp <span class="nt">--dport</span> 22 <span class="nt">-j</span> ACCEPT
<span class="c">#-A INPUT -j REJECT --reject-with icmp-host-prohibited</span>
<span class="c">#-A FORWARD -j REJECT --reject-with icmp-host-prohibited</span>
COMMIT
</code></pre></div></div>
<p>Here are some examples of iptables commands usages as root.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># print filter table all rules</span>
<span class="nv">$ </span>iptable <span class="nt">-t</span> filter <span class="nt">-nvL</span>
<span class="c"># print filter table INPUT rules</span>
<span class="nv">$ </span>iptable <span class="nt">-t</span> filter <span class="nt">-nvL</span> INPUT
<span class="c"># default table is filter and show rules num</span>
<span class="nv">$ </span>iptable <span class="nt">-nvL</span> <span class="nt">--line</span>
<span class="c"># set filter table FORWARD chains's default policy is REJECT</span>
<span class="nv">$ </span>iptable <span class="nt">-P</span> FORWARD REJECT
<span class="c"># allow port 8000</span>
<span class="nv">$ </span>iptable <span class="nt">-t</span> filter <span class="nt">-A</span> INPUT <span class="nt">-p</span> tcp <span class="nt">-m</span> state <span class="nt">--state</span> NEW <span class="nt">-m</span> tcp <span class="nt">--dport</span> 8000 <span class="nt">-j</span> ACCEPT
<span class="c"># delete a rule depend on the rule number</span>
<span class="nv">$ </span>iptables <span class="nt">-t</span> filter <span class="nt">-nvL</span> INPUT <span class="nt">--line</span>
<span class="nv">$ </span>iptables <span class="nt">-t</span> filter INPUT <span class="nt">-D</span> 2 <span class="c"># 2 is the rule's number</span>
</code></pre></div></div>
<h2 id="forward">Forward</h2>
<p>Forward also very important especially you want to run Linux as a router or gateway. Letâs do some experiments to know more in details. Assuming you have deployed the network environment as follow.</p>
<blockquote>
<p>Do these experiment on your local machines and run commands as root !!!</p>
</blockquote>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code>RouterA <span class="c"># 3.1-eth0</span>
âââ PC1 <span class="c"># 3.10</span>
âââ PC2 <span class="c"># 3.20</span>
âââ RouterB/PC3 <span class="c"># 3.30-enp0s3/8.1-enp0s8</span>
  âââ PC3 <span class="c"># 8.2</span>
  âââ PC4 <span class="c"># 8.3</span>
</code></pre></div></div>
<p>Now we want <strong>PC2</strong> can communicate with <strong>PC4</strong> each other through <strong>PC3</strong> .</p>
<p><strong>PC3</strong> basic requirement settings.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># enable kernel ip_forward</span>
<span class="nv">$ </span><span class="nb">echo</span> <span class="s1">'net.ipv4.ip_forward = 1'</span> <span class="o">>></span> /etc/sysctl.conf
<span class="nv">$ </span>sysctl <span class="nt">-p</span>
<span class="c"># if the result is 1, meaning you turn on the ip_forward</span>
<span class="nv">$ </span><span class="nb">cat</span> /proc/sys/net/ipv4/ip_forward
<span class="c"># use deault iptables rules showed before.</span>
<span class="c"># set filter table FORWARD chain's default policy is ACCEPT</span>
<span class="nv">$ </span>systemctl restart iptable
<span class="nv">$ </span>iptable <span class="nt">-t</span> filter FORWARD <span class="nt">-P</span> ACCEPT
</code></pre></div></div>
<p><strong>PC2</strong> settings</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># add a new route rule</span>
<span class="nv">$ </span>route add <span class="nt">-net</span> 192.168.8.0/24 gw 192.168.3.30
</code></pre></div></div>
<p>Now <strong>PC2</strong> and <strong>PC4</strong> can ping each other, but letâs add a new rule on <strong>PC3</strong> .</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>iptable <span class="nt">-t</span> filter <span class="nt">-A</span> FORWARD <span class="nt">-j</span> REJECT
</code></pre></div></div>
<p>They canât ping each other this time, now we need to add specific rules which ports was allowed to communicate. Assume we want the 8000 port.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># pc4, disable iptables temporarily</span>
<span class="nv">$ </span>python <span class="nt">-m</span> SimpleHTTPServer 8000 &
<span class="c"># pc2, disable iptables temporarily</span>
<span class="nv">$ </span>python <span class="nt">-m</span> SimpleHTTPServer 8000 &
</code></pre></div></div>
<p>Allow <strong>PC2</strong> telnet <strong>PC4</strong> 8000 port</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># pc3 setting</span>
<span class="nv">$ </span>iptables <span class="nt">-t</span> filter <span class="nt">-I</span> FORWARD <span class="nt">-s</span> 192.168.3.0/24 <span class="nt">-p</span> tcp <span class="nt">--dport</span> 8000 <span class="nt">-j</span> ACCEPT
<span class="c"># remeber to add return rules</span>
<span class="nv">$ </span>iptables <span class="nt">-t</span> filter <span class="nt">-I</span> FORWARD <span class="nt">-s</span> 192.168.8.0/24 <span class="nt">-p</span> tcp <span class="nt">--sport</span> 8000 <span class="nt">-j</span> ACCEPT
</code></pre></div></div>
<p>Allow <strong>PC4</strong> telnet <strong>PC2</strong> 8000 port</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># pc3 setting</span>
<span class="nv">$ </span>iptables <span class="nt">-t</span> filter <span class="nt">-I</span> FORWARD <span class="nt">-s</span> 192.168.8.0/24 <span class="nt">-p</span> tcp <span class="nt">--dport</span> 8000 <span class="nt">-j</span> ACCEPT
<span class="c"># remeber to add return rules</span>
<span class="nv">$ </span>iptables <span class="nt">-t</span> filter <span class="nt">-I</span> FORWARD <span class="nt">-s</span> 192.168.3.0/24 <span class="nt">-p</span> tcp <span class="nt">--sport</span> 8000 <span class="nt">-j</span> ACCEPT
</code></pre></div></div>
<p>The return rules can replace by this rule.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># pc3</span>
<span class="nv">$ </span>iptable <span class="nt">-t</span> filter <span class="nt">-I</span> FORWARD <span class="nt">-m</span> state <span class="nt">--state</span> ESTABLISHED,RELATED <span class="nt">-j</span> ACCEPT
</code></pre></div></div>
<ul>
<li><code class="language-plaintext highlighter-rouge">Static Route</code></li>
</ul>
<p>If you want subnet <strong>192.168.3.0/24</strong> communicate with <strong>192.168.8.0/24</strong> each other.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># RouterA</span>
<span class="nv">$ </span>route add <span class="nt">-net</span> 192.168.8.0/24 gw 192.168.3.30 dev eth0
</code></pre></div></div>
<h2 id="nat">NAT</h2>
<p>Assume <em>192.168.3.0</em> is WAN and <em>192.1168.8.0</em> is LAN. This time <strong>PC3</strong> work as a router, <em>Router B</em>. Donât forget the basic requirement settings.</p>
<ul>
<li><code class="language-plaintext highlighter-rouge">SNAT</code></li>
</ul>
<p><strong>PC2</strong> only knows the request comes from <em>Router B</em>, when <strong>PC4</strong> browse <strong>PC2</strong> 8000 port.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># Router B or PC3</span>
<span class="nv">$ </span>iptables <span class="nt">-t</span> nat <span class="nt">-A</span> POSTROUTING <span class="nt">-s</span> 192.168.8.0/24 <span class="nt">-j</span> SNAT <span class="nt">--to-source</span> 192.168.330
</code></pre></div></div>
<p>If Router B is not a static ip, such as PPPOE client used dynamic ip, then use the special action, <code class="language-plaintext highlighter-rouge">MASQUERADE</code>.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># Router B or PC3</span>
<span class="nv">$ </span>iptables <span class="nt">-t</span> nat <span class="nt">-A</span> POSTROUTING <span class="nt">-s</span> 192.168.8.0/24 <span class="nt">-o</span> enp0s3 <span class="nt">-j</span> MASQUERADE
</code></pre></div></div>
<ul>
<li><code class="language-plaintext highlighter-rouge">DNAT</code></li>
</ul>
<p>Browse the web server behind Router B throng Router B ip address. Assume <strong>PC4</strong> web server created by python is allow browse on <strong>PC2</strong> throng <em>192.168.3.30:80</em> .</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># Router B or PC3</span>
<span class="nv">$ </span>iptable <span class="nt">-t</span> nat <span class="nt">-A</span> PREROUTING <span class="nt">-d</span> 192.168.3.30 <span class="nt">-p</span> tcp <span class="nt">--dport</span> 80 <span class="nt">-j</span> DNAT <span class="nt">--to-destination</span> 192.168.8.3:8000
</code></pre></div></div>
<p>PPPOE dynamic ip</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># Router B or PC3</span>
<span class="nv">$ </span>iptable <span class="nt">-t</span> nat <span class="nt">-A</span> PREROUTING <span class="nt">-i</span> enp0s3 <span class="nt">-p</span> tcp <span class="nt">--dport</span> 80 <span class="nt">-j</span> DNAT <span class="nt">--to-destination</span> 192.168.8.3:8000
</code></pre></div></div>
<h2 id="others">Others</h2>
<p>Only use on local port redirect. 80 -> 8000</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># PC4</span>
<span class="nv">$ </span>iptable <span class="nt">-t</span> filter <span class="nt">-A</span> REDIRECT <span class="nt">-m</span> state <span class="nt">--state</span> NEW <span class="nt">-p</span> tcp <span class="nt">--dport</span> 80 <span class="nt">-j</span> REDIRECT <span class="nt">--to-ports</span> 8000
<span class="nv">$ </span>iptables <span class="nt">-t</span> filter <span class="nt">-A</span> INPUT <span class="nt">-m</span> state <span class="nt">--state</span> NEW <span class="nt">-p</span> tcp <span class="nt">-m</span> multiport 80,8000 <span class="nt">-j</span> ACCEPT
</code></pre></div></div>
<p>Log all 1194 udp port activity.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># /etc/rsyslog.conf</span>
<span class="nv">$ </span><span class="nb">echo</span> <span class="s1">'kern.warning /var/log/iptables.log'</span> <span class="o">>></span> /etc/rsyslog.conf
<span class="nv">$ </span>systemctl restart rsyslog
<span class="c"># iptables rule</span>
<span class="nv">$ </span>iptable <span class="nt">-t</span> filter <span class="nt">-m</span> state <span class="nt">--state</span> NEW <span class="nt">-p</span> udp <span class="nt">-m</span> udp <span class="nt">--dport</span> 1194 <span class="nt">-j</span> LOG
</code></pre></div></div>
<p>Allow port 80 communicate during 8:00 a.m. to 20:00 p.m.</p>
<div class="language-shell highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>iptables <span class="nt">-t</span> filter <span class="nt">-p</span> tcp <span class="nt">-m</span> state NEW <span class="nt">-m</span> tcp <span class="nt">--dport</span> 80 <span class="nt">-m</span> <span class="nb">time</span> <span class="nt">--datestart</span> 08:00 <span class="nt">--datestop</span> 20:00 <span class="nt">-j</span> ACCEPT
</code></pre></div></div>
<h2 id="summary">Summary</h2>
<p>There is no summary, cause I havenât finish this post yet đ</p>GitHub UserIptables is a very important skill that must be learned by every system administrator.How To Install Arch Linux2018-02-07T00:00:00+00:002018-02-07T00:00:00+00:00https://zshmobi.com/2018/02/07/How-To-Install-Arch-Linux<p>Install Arch Linux step by step, making you understand Linux system more effectively.</p>
<!--more-->
<h2 id="usb-disk">USB Disk</h2>
<p>Recommend to use <code class="language-plaintext highlighter-rouge">dd</code> command create bootable usb, or other methods click <a href="https://wiki.archlinux.org/index.php/USB_flash_installation_media">Here</a>.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">dd </span><span class="nv">bs</span><span class="o">=</span>4m <span class="k">if</span><span class="o">=</span>/path/to/archlinux.iso <span class="nv">of</span><span class="o">=</span>/dev/sdx <span class="o">&&</span> <span class="nb">sync</span>
</code></pre></div></div>
<h2 id="install-arch">Install Arch</h2>
<blockquote>
<p>Read this <a href="https://wiki.archlinux.org/index.php/Installation_guide">installation guide</a> first !</p>
</blockquote>
<p>Check the boot type is UEFI or MBR.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># echo nothing means MBR</span>
<span class="nv">$ </span><span class="nb">ls</span> /sys/firmware/efi/efivars
</code></pre></div></div>
<p>Make sure network is OK.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>ping <span class="nt">-c</span> 5 www.so.com
</code></pre></div></div>
<p>Use wifi network, <code class="language-plaintext highlighter-rouge">recommend to use wire network</code></p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code> <span class="c"># connect to wifi network</span>
<span class="nv">$ </span>wifi-menu
</code></pre></div></div>
<p>Enable ssh service to remote control.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>systemctl start sshd
</code></pre></div></div>
<p>Set timezone and time rsync.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>timedatectl set-ntp <span class="nb">true</span>
<span class="nv">$ </span>timedatectl set-timezone Asia/Shanghai
</code></pre></div></div>
<p>Set most fast pacman mirrors</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>pacman-mirror <span class="nt">--country</span> <span class="s1">'China'</span>
</code></pre></div></div>
<p>Then <code class="language-plaintext highlighter-rouge">disk management</code></p>
<p>Check disk partition.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>lsblk /dev/sdx
</code></pre></div></div>
<p>Use <code class="language-plaintext highlighter-rouge">fdisk</code> command to manage your paritions.</p>
<blockquote>
<p>Sectors formulaďź1024 x 1024 x 1024 / 512 x Gigabyte = total sectors numbers.</p>
</blockquote>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>fdisk <span class="nt">-l</span> /dev/sda
Disk /dev/sda: 931.5 GiB, 1000204886016 bytes, 1953525168 sectors
Units: sectors of 1 <span class="k">*</span> 512 <span class="o">=</span> 512 bytes
Sector size <span class="o">(</span>logical/physical<span class="o">)</span>: 512 bytes / 4096 bytes
I/O size <span class="o">(</span>minimum/optimal<span class="o">)</span>: 4096 bytes / 4096 bytes
Disklabel <span class="nb">type</span>: dos
Disk identifier: 0x73c4c07a
<span class="c"># use man fdisk for how to create a new partition.</span>
</code></pre></div></div>
<p>Also you can use <code class="language-plaintext highlighter-rouge">cfdisk</code> , which is more humanity.</p>
<p><code class="language-plaintext highlighter-rouge">UEFI</code> mode need a <em>ESP</em> partition ďźclick <a href="https://wiki.archlinux.org/index.php/EFI_System_Partition">here</a> for more in details.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>mkfs.vfat /dev/sda1
<span class="nv">$ </span>mount /dev/sda1 /mnt/boot
</code></pre></div></div>
<p>Format new partitions.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># /dev/sda1 /</span>
<span class="c"># /dev/sda2 /home</span>
<span class="c"># /dev/sda3 swap</span>
<span class="nv">$ </span>mkfs.ext4 /dev/sda1
<span class="nv">$ </span>mkfs.ext4 /dev/sda2
<span class="nv">$ </span>mkswap /dev/sda3
</code></pre></div></div>
<p>Mount partitions.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>swapon /dev/sda3
<span class="c"># Make sure mount / first.</span>
<span class="nv">$ </span>mount /dev/sda1/ /mnt
<span class="nv">$ </span><span class="nb">mkdir</span> /mnt/home <span class="o">&&</span> mount /dev/sda2 /mnt/home
<span class="c"># Check the mount details.</span>
<span class="nv">$ </span>lsblk <span class="nt">-f</span>
</code></pre></div></div>
<p>Install target system.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># WIFI network needs these, iw dialog wpa_supplicant wpa_actiond</span>
<span class="nv">$ </span>pacstrap /mnt base base-devel
</code></pre></div></div>
<p>Generate fstab to target system.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>genfstab <span class="nt">-U</span> /mnt <span class="o">>></span> /mnt/etc/fstab
</code></pre></div></div>
<p>Switch to the target system.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>arch-chroot /mnt /bin/bash
</code></pre></div></div>
<p>Set timezone and local time.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">ln</span> <span class="nt">-sf</span> /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
<span class="nv">$ </span>hwclock <span class="nt">--systohc</span> <span class="nt">--utc</span>
</code></pre></div></div>
<p>Set language.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>locale-gen
<span class="nv">$ </span><span class="nb">sed</span> <span class="nt">-i</span> <span class="s1">'/zh_CN\.UTF\-8/ s/#//'</span> /etc/locale.gen
<span class="nv">$ </span><span class="nb">sed</span> <span class="nt">-i</span> <span class="s1">'/en_US\.UTF\-8/ s/#//'</span> /etc/locale.gen
<span class="nv">$ </span>locale-gen
<span class="nv">$ </span><span class="nb">cat</span> <span class="o">></span> /etc/locale.conf <span class="o"><<</span> <span class="no">EOF</span><span class="sh">
LANG=en_US.UTF-8
LC_CTYPE=zh_CN.UTF-8
</span><span class="no">EOF
</span></code></pre></div></div>
<p>Set hostname and hosts.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># hostname</span>
<span class="nv">$ </span><span class="nb">echo</span> <span class="s1">'JeffArch'</span> <span class="o">></span> /etc/hostname
<span class="c"># hosts</span>
<span class="nv">$ </span><span class="nb">cat</span> <span class="o">></span> /etc/hosts <span class="o"><<</span> <span class="no">EOF</span><span class="sh">
127.0.0.1 localhost
::1 localhost
</span><span class="no">EOF
</span></code></pre></div></div>
<p>Set root password.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>passwd root
</code></pre></div></div>
<p>Install grub.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># os-prober uses for dual-system</span>
<span class="nv">$ </span>pacman <span class="nt">-S</span> grub os-prober
</code></pre></div></div>
<p>Install grub to disk.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># MBR mode without sda partition number</span>
<span class="nv">$ </span>grub-install <span class="nt">--target</span><span class="o">=</span>i386-pc /dev/sda <span class="nt">--recheck</span>
<span class="c"># UEFI modeďź mount 512M esp partition to /boot</span>
<span class="nv">$ </span>pacman <span class="nt">-S</span> efibootmgr dosfstools
<span class="nv">$ </span>grub-install <span class="nt">--target</span><span class="o">=</span>x86_64-efi <span class="nt">--efi-directory</span><span class="o">=</span>/boot <span class="nt">--bootloader-id</span><span class="o">=</span>grub <span class="nt">--recheck</span>
</code></pre></div></div>
<p>Generate grub configuration.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># system can not boot without this action</span>
<span class="nv">$ </span>grub-mkconfig <span class="nt">-o</span> /boot/grub/grub.cfg
</code></pre></div></div>
<p>Enable dhcp client service.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>systemctl <span class="nb">enable </span>dhcpcd
</code></pre></div></div>
<p>Exit target system.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">exit</span>
</code></pre></div></div>
<p>Umount target system and reboot computer.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>umount <span class="nt">-R</span> /mnt <span class="o">&&</span> reboot
</code></pre></div></div>
<p>Remember to remove usb disk.</p>
<h2 id="initial-system">Initial System</h2>
<blockquote>
<p>Read this <a href="https://wiki.archlinux.org/index.php/General_recommendations">catalogue</a> first !</p>
</blockquote>
<p>Login as root and create a new normal user for daily management.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>useradd <span class="nt">-m</span> <span class="nt">-G</span> wheel <span class="nt">-s</span> /bin/bash jeff
<span class="nv">$ </span>passwd jeff
</code></pre></div></div>
<p>Enable <code class="language-plaintext highlighter-rouge">sudo</code> function to the new user.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">echo</span> <span class="s2">"%jeff ALL=(ALL:ALL) NOPASSWD:ALL"</span> <span class="o">></span> /etc/sudoers.d/jeff
<span class="nv">$ </span><span class="nb">chmod </span>600 /etc/sudoers.d/jeff
</code></pre></div></div>
<p>Install extra fonts.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># google open source fonts</span>
<span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> noto-fonts noto-fonts-cjk noto-fonts-emoji
<span class="c"># wenquanyi</span>
<span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> wqy-microhei wqy-zenhei
<span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> ttf-dejavu
<span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> ttf-win7-fonts ttf-office-2007-fonts
<span class="c"># monaco fonts</span>
</code></pre></div></div>
<p>Install display serverďźwhich I chose here is <a href="https://wiki.archlinux.org/index.php/Xorg">Xorg</a>. You can not run desktop environment without it.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> xorg <span class="c"># choose the default vaules</span>
</code></pre></div></div>
<p>Install graphical driverďźvesa is defaultďźothers can click <a href="https://wiki.archlinux.org/index.php/ATI">ATI</a> ă<a href="https://wiki.archlinux.org/index.php/Intel_graphics">Intel</a> ă<a href="https://wiki.archlinux.org/index.php/NVIDIA">Nvidia</a>.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># check what your graphic driver is</span>
<span class="nv">$ </span>lspci | <span class="nb">grep </span>VGA
<span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> xf86-video-vesa <span class="c"># default</span>
<span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> xf86-video-ati <span class="c"># AMD</span>
<span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> xf86-video-intel <span class="c"># intel</span>
<span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> xf86-video-nouveau <span class="c"># nvidia</span>
<span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> virtualbox-guest-utils <span class="c"># virtualbox</span>
</code></pre></div></div>
<p>Install <a href="https://wiki.archlinux.org/index.php/Display_manager">Display Manager</a>ďźhere as shownďź</p>
<ol>
<li><code class="language-plaintext highlighter-rouge">gdm</code> for <em>GNOME</em> desktop.</li>
<li><code class="language-plaintext highlighter-rouge">sddm</code> for KDE desktop.</li>
<li><code class="language-plaintext highlighter-rouge">lightDM</code> for Cross-desktop display manager, like ubuntu unity desktop.</li>
</ol>
<p>Install <a href="https://wiki.archlinux.org/index.php/Desktop_environment">Desktop environment</a>ďźchoose one of your faviour. <br />
<em>Gnome Desktop</em></p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> gnome gnome-extras
</code></pre></div></div>
<p><em>xfce4 Desktop</em></p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> xfce4 xfce4-goodies sddm
</code></pre></div></div>
<p><em>KDE Desktop</em></p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> plasma kde-applications-meta sddm kde-l10n-zh_cn
</code></pre></div></div>
<p><em>KDE Minimal Desktop</em></p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> plasma dolphin kate konsole sddm kde-l10n-zh_cn
</code></pre></div></div>
<p>Enable display server auto run when system boot up.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">sudo </span>systemctl <span class="nb">enable </span>gdm <span class="c"># or sddm or lightDM</span>
</code></pre></div></div>
<p>Install input method, either Ibus or fcitx.</p>
<ul>
<li><a href="https://wiki.archlinux.org/index.php/IBus">Ibus</a></li>
</ul>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> ibus
<span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> ibus-qt
<span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> ibus-rime
<span class="nv">$ </span>ibus-setup
<span class="nv">$ </span><span class="nb">cat</span> <span class="o">>></span> ~/.bashrc <span class="o"><<</span> <span class="no">EOF</span><span class="sh">
export GTK_IM_MODULE=ibus
export XMODIFIERS=@im=ibus
export QT_IM_MODULE=ibus
</span><span class="no">EOF
</span></code></pre></div></div>
<ul>
<li><a href="https://wiki.archlinux.org/index.php/Fcitx">Fcitx</a></li>
</ul>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> fcitx fcitx-rime fcitx-configtool fcitx-gtk3 fcitx-gtk2 fcitx-qt5
<span class="nv">$ </span>fcitx-config-gtk3
<span class="nb">echo</span> <span class="nt">-e</span> <span class="s2">"GTK_IM_MODULE=fcitx</span><span class="se">\n</span><span class="s2">QT_IM_MODULE=fcitx</span><span class="se">\n</span><span class="s2">XMODIFIERS=@im=fcitx"</span> | <span class="nb">sudo tee</span> <span class="nt">-a</span> /etc/environment
</code></pre></div></div>
<p>Now reboot new system and login it again to the desktop environment.</p>
<h2 id="software">Software</h2>
<p>Recommend these software as shown here.</p>
<p>Basic software</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>pacman <span class="nt">-S</span> wget zsh w3m curl openssh <span class="nb">sudo </span>terminator proxychains vim fakeroot net-tools gparted zip unzip unrar tree ntfs-3g yajl ufw archey3 cronie git
</code></pre></div></div>
<p>Multiply media software</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>pacman <span class="nt">-S</span> gedit remmina libvncserver freerdp smplayer smplayer-themes qbittorrent chromium mkvtoolnix-cli mkvtoolnix-gui aegisub subtitleeditor firefox extra/firefox-i18n-zh-cn telegram-desktop chromium
</code></pre></div></div>
<ul>
<li><strong>SecureCRT</strong></li>
</ul>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># download the tar file yourself</span>
<span class="nv">$ </span><span class="nb">tar</span> <span class="nt">-xf</span> scrt-8.1.4.1443.ubuntu16-64.tar.gz
<span class="nv">$ </span><span class="nb">sudo mv </span>scrt-8.1.4 /usr/local/
<span class="nv">$ </span><span class="nb">sudo ln</span> <span class="nt">-s</span> /usr/local/scrt-8.1.4/SecureCRT /usr/bin/SecureCRT
<span class="nv">$ </span><span class="nb">sudo cp</span> /usr/local/scrt-8.1.4/SecureCRT.desktop /usr/share/application
<span class="nv">$ </span><span class="nb">sudo </span>perl securecrt_linux_crack.pl /usr/bin/SecureCRT
</code></pre></div></div>
<ul>
<li><strong>Virutalbox</strong></li>
</ul>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> virtualbox virtualbox-host-dkms
<span class="nv">$ </span><span class="nb">sudo</span> /sbin/rcvboxdrv setup
<span class="nv">$ </span><span class="nb">sudo </span>gpasswd <span class="nt">-a</span> <span class="nv">$USER</span> vboxusers
</code></pre></div></div>
<ul>
<li><strong>aria2</strong></li>
</ul>
<p>aria2 downloader.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">cat</span> <span class="o">></span> /lib/systemd/system/aria2.service <span class="o"><<</span> <span class="no">EOF</span><span class="sh">
[Unit]
Description=Aria2c download manager
After=network.target
[Service]
Type=simple
User=</span><span class="k">${</span><span class="nv">USER</span><span class="k">}</span><span class="sh">
ExecStart=/usr/bin/aria2c --conf-path=/home/</span><span class="k">${</span><span class="nv">USER</span><span class="k">}</span><span class="sh">/.aria2/aria2.conf
[Install]
WantedBy=multi-user.target
</span><span class="no">EOF
</span><span class="nv">$ </span>systemctl daemon-reload
</code></pre></div></div>
<p>Create your own <em>aria2.conf</em>, you can google it for more in details.</p>
<ul>
<li><strong>LNMP</strong></li>
</ul>
<p>Install <strong>nginx</strong></p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> nginx-mainline
</code></pre></div></div>
<p>Web username is http, while ubuntu web username is www-data.</p>
<p>Install <strong>php</strong></p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> php php-fpm
</code></pre></div></div>
<p>Install <strong>mysql</strong></p>
<p>Choose mariadb or percona.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-S</span> mariadb
</code></pre></div></div>
<p>Create data directory</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">mkdir</span> /data/mysql
<span class="nv">$ </span><span class="nb">chown </span>mysql:mysql /data/mysql
</code></pre></div></div>
<p>Change some settings in /etc/mysql/my.cnf.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># enable innodb</span>
<span class="nb">sed</span> <span class="nt">-i</span> <span class="s1">'/innodb_/ s/#//'</span> /etc/mysql/my.cnf
<span class="nb">sed</span> <span class="nt">-i</span> <span class="s1">'s/no\-auto\-rehash/auto\-rehash/g'</span> /etc/mysql/my.cnf
<span class="nb">sed</span> <span class="nt">-i</span> <span class="s1">'/myisam_sort_buffer_size/a bind-address = 0.0.0.0'</span> /etc/mysql/my.cnf
<span class="c"># change to new data directory</span>
<span class="nb">sed</span> <span class="nt">-i</span> <span class="s1">'/myisam_sort_buffer_size/a datadir = /data/mysql'</span> /etc/mysql/my.cnf
</code></pre></div></div>
<p>Initial database.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mysql_install_db <span class="nt">--user</span><span class="o">=</span>mysql <span class="nt">--basedir</span><span class="o">=</span>/usr <span class="nt">--datadir</span><span class="o">=</span>/data/mysql
</code></pre></div></div>
<p>Start and enable msqld service.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code>systemctl start mysqld
systemctl <span class="nb">enable </span>mysqld
</code></pre></div></div>
<p>Set mysql root password.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mysql_secure_installation
</code></pre></div></div>
<h2 id="aur">AUR</h2>
<p><a href="https://wiki.archlinux.org/index.php/Arch_User_Repository">Arch User Repository</a>ďźshort as AUR, provides another way to user install extra software, which is difficult to use. Thanks to <code class="language-plaintext highlighter-rouge">yaourt</code> , allows user to install AUR software easily like pacman.</p>
<p>Add <em>Yaourt</em> warehouse, option.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span><span class="nb">echo</span> <span class="nt">-e</span> <span class="s2">"[archlinuxfr]</span><span class="se">\n</span><span class="s2">SigLevel = Never</span><span class="se">\n</span><span class="s2">Server = http://repo.archlinux.fr/</span><span class="se">\$</span><span class="s2">arch</span><span class="se">\n</span><span class="s2">"</span> | <span class="nb">sudo tee</span> <span class="nt">-a</span> /etc/pacman.conf <span class="sb">```</span>
Requirement.
â<span class="sb">```</span>bash
<span class="nv">$ </span><span class="nb">sudo </span>pacman <span class="nt">-Sy</span> yaourt fakeroot
</code></pre></div></div>
<p>Install personal software.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">$ </span>yaourt <span class="nt">-S</span> typora <span class="c"># markdown editor</span>
<span class="nv">$ </span>yaourt <span class="nt">-S</span> netease-cloud-music
<span class="nv">$ </span>yaourt teamviewer-beta
<span class="c"># gnome themes</span>
<span class="nv">$ </span>yaourt <span class="nt">-S</span> paper-gtk-theme-git
<span class="nv">$ </span>yaourt <span class="nt">-S</span> gtk-theme-arc-git
<span class="nv">$ </span>pacman <span class="nt">-S</span> numix-gtk-theme
<span class="c"># gnome icon</span>
<span class="nv">$ </span>yaourt <span class="nt">-S</span> paper-icon-theme-git
<span class="nv">$ </span>yaourt <span class="nt">-S</span> papirus-icon-theme-git
<span class="nv">$ </span>yaourt <span class="nt">-S</span> ultra-flat-icons-blue
<span class="nv">$ </span>yaourt <span class="nt">-S</span> ultra-flat-icons-green
<span class="nv">$ </span>yaourt <span class="nt">-S</span> ultra-flat-icons-orange
<span class="nv">$ </span>yaourt <span class="nt">-S</span> fcitx-skins
</code></pre></div></div>
<h2 id="summary">Summary</h2>
<p>This post was a draft , ignore it pls đ</p>GitHub UserInstall Arch Linux step by step, making you understand Linux system more effectively.