系统下载

1	`https://cdimage.debian.org/debian-cd/11.2.0/amd64/iso-dvd/debian-11.2.0-amd64-DVD-1.iso`

系统安装

BIOS模式

安装套件

环境

root@debian:~# cat /etc/debian_version
11.2
root@debian:~#


root@debian:~# uname -rm
5.10.0-10-amd64 x86_64
root@debian:~#

网络设置

root@debian:~# vi /etc/network/interfaces

追加

auto eno1
iface eno1 inet dhcp

root@debian:~#

重启网络服务
systemctl  restart networking

apt 设置

root@debian:~# vi /etc/apt/sources.list
deb http://mirrors.aliyun.com/debian/ bullseye main non-free contrib
deb http://mirrors.aliyun.com/debian-security/ bullseye-security main
deb http://mirrors.aliyun.com/debian/ bullseye-updates main non-free contrib
deb http://mirrors.aliyun.com/debian/ bullseye-backports main non-free contrib
root@debian:~#

基础设置

基本安装

root@debian:~# apt install  vim
root@debian:~# apt purge   vim-tiny  #附带删除配置文件  /etc/vim/vimrc.tiny

root@debian:~# apt install -y sudo
root@debian:~# apt install -y net-tools
root@debian:~# apt install -y tree
root@debian:~# apt install -y iperf3
root@debian:~# apt install -y curl
root@debian:~# apt install -y psmisc   #pstree

VIM 8的鸡肋设置

vim 8 为了欢迎新用户，添加了非常弱鸡的新功能，

默认菜鸟允许使用鼠标，专业用户非常恼火！

在 /etc/vim/vimrc 文件内还不能关闭鼠标，系统会覆盖此文件的设定！
在 ~/.vimrc 内添加限定才行

难道要在每个用户名下都来搞一下？脑残。。。

国外的抨击：

https://blog.longwin.com.tw/2016/11/vim-8-linux-mouse-clip-2016/
https://alext.mail.at/?p=561
https://serverok.in/vim-8-goes-visual-mode-on-right-click

vim 8 禁用鼠标方法

1	echo '"这里关不掉鼠标,配置文件见 vim `find /usr/share/vim/ \| grep -w defaults.vim`' >> /etc/vim/vimrc

vim `find /usr/share/vim/ | grep -w defaults.vim`
:set paste #这样粘贴不出错

开始行尾追加

"高亮行尾的空格
"highlight ExtraWhitespace ctermbg=red guibg=red
"autocmd BufWinEnter * match ExtraWhitespace /\s\+$\| \+\ze\t\+\|\t\+\zs \+/

"高亮行尾的空格 与 TAB
autocmd BufWinEnter * match Error /\t \+\|\t\|\s\+$\|^ \+$/

"设置qq按键为退出VIM
map qq  :q!<CR>

"设置ds按键为去除行尾空格
map ds  :%s/\s\+$//g<CR>

"设置dm按键为去除行尾的^M标记
map dm  :%s/\r//g<CR>

"设置dt按键将tab转为4个空格
map dt  :%s/\t/    /g<CR>

"设置dr按键将多个空行变为1个空行
map dr  :g/^\s*$\n\s*$/d<CR>

"设置de按键为去清空以#开头的行
map de :%s/^#.*$//g<CR>

set shortmess=a                 "关闭显示帮助乌干达的儿童
"set cmdheight=2                 "vim命令状态栏的高度 (有时在tmux中行显示错乱-不要开!)
set noswapfile                  "不生成.swp文件
set bg=dark                     "字体高亮
set paste                       "粘贴时 禁止自动缩进
set completeopt=menu            "关闭草稿
set nonu                        "不显示行号
set ruler                       "右下角显示光标当前位置
set scrolloff=10                "光标到上下缓冲区边距
set nobackup                    "禁止生成临时文件
set nocindent                   "不使用C风格缩进
set noautoindent                "不使用自动缩进
set shiftwidth=4                "自动缩进字符宽度
set ts=4                        "tab键宽度
set expandtab                   "将tab符转为空格
%retab!                         "对于已保存的文件,将tab转换为空格
set ignorecase                  "搜索时 忽略大小写
syntax on                       "语法高亮
set hls                         "搜索高亮
set nocompatible                "去除兼容vi
set backspace=indent,eol,start  "允许使用退格键
set fileencodings=utf-8,GB18030 "打开文件 支持的字符集
set viminfo='20,<1000           "多行复制

"关闭鼠标
set mouse=
set ttymouse=

root@debian:~#

vim 显示全部的参数值数据信息

If you don't remember what setting you want to check, you can view all settings:
:set all

or show each setting, one setting per line:
:set! all

排查vim配置为什么不生效

strace vim -c "q!"  > strace.log  2>&1
cat strace.log  | grep open |grep -v No | grep vim
``` 
 
## vim 配置文件的加载次序
可以看到, 优先加载/etc/vim/vimrc
然后加载 /usr/share/vim/vim82/debian.vim
继续加载 /usr/share/vim/vim82/defaults.vim
导致了后面的配置文件 覆盖了前面配置文件的参数.

vim8 的鼠标配置在/etc/vim/vimrc无法生效.
``` sh
openat(AT_FDCWD, "/usr/share/vim/vimrc", O_RDONLY) = 3
openat(AT_FDCWD, "/usr/share/vim/vim82/debian.vim", O_RDONLY) = 4
openat(AT_FDCWD, "/usr/share/vim/vim82/defaults.vim", O_RDONLY) = 3


chunli@blog:~/blog$ ll /usr/share/vim/vimrc
lrwxrwxrwx 1 root root 14 Oct  1  2021 /usr/share/vim/vimrc -> /etc/vim/vimrc
chunli@blog:~/blog


chunli@blog:~/blog$ ll /usr/share/vim/vim82/debian.vim
-rw-r--r-- 1 root root 1.8K Oct  1  2021 /usr/share/vim/vim82/debian.vim
chunli@blog:~/blog$

chunli@blog:~/blog$ ll /usr/share/vim/vim82/defaults.vim
-rw-r--r-- 1 root root 6.3K Aug 23 15:17 /usr/share/vim/vim82/defaults.vim
chunli@blog:~/blog$

时区设置

#时间同步
chunli@blog:~/blog$ sudo ntpdate time.windows.com
chunli@blog:~/blog$

chunli@blog:~/blog$ sudo timedatectl set-timezone Asia/Shanghai
chunli@blog:~/blog$

#检验结果
chunli@blog:~/blog$ cat /etc/timezone
Asia/Shanghai
chunli@blog:~/blog$

chunli@blog:~/blog$ ll /etc/localtime 
lrwxrwxrwx 1 root root 35 Nov  1 15:06 /etc/localtime -> ../usr/share/zoneinfo/Asia/Shanghai
chunli@blog:~/blog$

#时间同步 -- 计划任务
chunli@blog:~/blog$ vim /etc/crontab

*/10  *  *  *  * root   /usr/sbin/ntpdate time.windows.com

别名设置：

root@debian:~# echo "alias grep='grep  --color=auto'" >  /etc/profile.d/grep.sh

root@debian:~# vim /etc/bash.bashrc

#行尾追加
alias ll='ls  --color  -lh'
alias r='sudo -i'

# 为了使用 update-grub
export PATH=/usr/sbin/:$PATH

root@debian:~#
root@debian:~# source /etc/bash.bashrc

sudoer

root@debian:~# vim  /etc/sudoers

行尾追加：
chunli ALL=(ALL) NOPASSWD: ALL

console 串口登录

root@debian:~# dmesg | grep -i tty

root@debian:~# cat /etc/default/grub

修改
GRUB_CMDLINE_LINUX="console=ttyS0,115200"
root@debian:~#



更新 grub

root@debian:~# update-grub2
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-5.10.0-10-amd64
Found initrd image: /boot/initrd.img-5.10.0-10-amd64
done
root@debian:~#

磁盘挂载

root@debian:~# mkdir /mnt/chunli
root@debian:~# mkdir /mnt/data
root@debian:~# apt install lvm2


root@debian:~# blkid
/dev/sdb: UUID="f8536aba-49c3-4bd0-906c-c16cfa7415cc" BLOCK_SIZE="4096" TYPE="xfs"
/dev/sda1: UUID="ee2bca9b-65aa-418d-aec8-84b307973e77" BLOCK_SIZE="4096" TYPE="ext4" PARTUUID="0f11aefd-01"
/dev/sda5: UUID="2b017581-0e0a-4807-8ae4-e743f9ebe17f" TYPE="swap" PARTUUID="0f11aefd-05"
/dev/sdd: UUID="pFurcq-x0da-u0u1-mAPL-zeP0-FPuU-tuMbd3" TYPE="LVM2_member"
/dev/sdc: UUID="NtrMfT-4YSk-IwEd-HBgl-Bs7A-vZBq-5zeJXi" TYPE="LVM2_member"
/dev/mapper/data_vg-data_lv: UUID="119149cd-30da-4b73-99d2-8c7786e48e40" BLOCK_SIZE="4096" TYPE="xfs"
root@debian:~#




root@debian:~# systemctl  cat disk_chunli
# /lib/systemd/system/disk_chunli.service
# 关机需要等待 umount超时， 约4分钟才能关机
[Unit]
Description=chunli
After=network.target

[Service]
Type=oneshot
User=root
ExecStartPre=/bin/sleep 15
ExecStart=/bin/mount -U "f8536aba-49c3-4bd0-906c-c16cfa7415cc" /mnt/chunli/

[Install]
WantedBy=multi-user.target
root@debian:~#





root@debian:~# systemctl  cat disk_sas
# /lib/systemd/system/disk_sas.service
# 关机需要等待 umount超时， 约4分钟才能关机
[Unit]
Description=sas
After=network.target

[Service]
Type=oneshot
User=root
ExecStartPre=/bin/sleep 10
ExecStart=/bin/mount -U "119149cd-30da-4b73-99d2-8c7786e48e40" /mnt/data/

[Install]
WantedBy=multi-user.target
root@debian:~#

Samba 安装

root@debian:~# apt install samba

root@debian:~# adduser --no-create-home  -s /sbin/nologin  chunli
root@debian:~# pdbedit --create chunli

root@debian:~# pdbedit -L
chunli:1000:chunli
root@debian:~#

root@debian:~# vim  /etc/samba/smb.conf
[global]
include    = /etc/samba/smb.conf.%U


root@debian:~# cat /etc/samba/smb.conf.chunli
[01_Disk]
    path           = /mnt/data
    writeable      = yes
    create mask    = 0664
    directory mask = 0775

[02_Book]
    path           = /mnt/chunli/book/
    writeable      = yes
    create mask    = 0664
    directory mask = 0775


[03_Media]
    path           = /mnt/chunli/media/
    writeable      = yes
    create mask    = 0664
    directory mask = 0775


[04_Work]
    path           = /mnt/chunli/work/
    writeable      = yes
    create mask    = 0664
    directory mask = 0775

root@debian:~#

root@debian:~# systemctl   restart  smbd

wireguard 安装

root@debian:~# apt install iptables -y
root@debian:~# apt install wireguard -y


root@debian:~# echo MBoEqqccisaNLXQvVEt7w2YYHnfXXXXXXXX | wg pubkey
940nz1ODdaataxRoOTwB2JWz1z9bnXXXXXXXXXXX=
root@debian:~#

单网卡配置

root@debian:~# cat /etc/wireguard/client.conf
# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf; sysctl -p
[Interface]
PostUp     = iptables -A FORWARD -i client -j ACCEPT; iptables -A FORWARD -o client -j ACCEPT; iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE
PostDown   = iptables -D FORWARD -i client -j ACCEPT; iptables -D FORWARD -o client -j ACCEPT; iptables -t nat -D POSTROUTING -o eno1 -j MASQUERADE

PrivateKey = MBoEqqccisaNLXQvVEt7wXXXXXXXXX
Address = 192.168.175.103/24
MTU = 1420

[Peer]
PublicKey = A5MUy9UKs2SP5cq8KJcbXXXXXXXXXX=
AllowedIPs = 192.168.175.0/24
Endpoint = fly.li-chunli.top:20001
PersistentKeepalive = 25

root@debian:~#

root@debian:~# systemctl   start wg-quick@client
root@debian:~#
root@debian:~# systemctl   enable  wg-quick@client
Created symlink /etc/systemd/system/multi-user.target.wants/wg-quick@client.service → /lib/systemd/system/wg-quick@.service.
root@debian:~#

双网卡配置示例

root@localhost:~# cat /etc/wireguard/VPN.conf
# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf; sysctl -p
[Interface]
PrivateKey = mPJynydBVV2hOrf4pOXXXXXXXXXXXX=
Address    = 192.168.175.106/24
PostUp     = iptables -A FORWARD -i VPN -j ACCEPT; iptables -A FORWARD -o VPN -j ACCEPT; iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
PostDown   = iptables -D FORWARD -i VPN -j ACCEPT; iptables -D FORWARD -o VPN -j ACCEPT; iptables -t nat -D POSTROUTING -o wlan0 -j MASQUERADE

PostUp     = iptables -A FORWARD -i VPN -j ACCEPT; iptables -A FORWARD -o VPN -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown   = iptables -D FORWARD -i VPN -j ACCEPT; iptables -D FORWARD -o VPN -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
MTU = 1420

[Peer]
PublicKey = A5MUy9UKs2SP5cqXXXXXXXXXXXXXXXXXXXXX=
AllowedIPs = 192.168.175.0/24,192.168.88.0/24
Endpoint = fly.li-chunli.top:20001
PersistentKeepalive = 2

root@localhost:~#

测试启动

root@debian:~# wg-quick up client
[#] ip link add client type wireguard
[#] wg setconf client /dev/fd/63
[#] ip -4 address add 192.168.175.103/24 dev client
[#] ip link set mtu 1420 up dev client
[#] iptables -A FORWARD -i client -j ACCEPT; iptables -A FORWARD -o client -j ACCEPT; iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE
root@debian:~#

网络测试

root@debian:~# ping 192.168.175.100
PING 192.168.175.100 (192.168.175.100) 56(84) bytes of data.
64 bytes from 192.168.175.100: icmp_seq=1 ttl=64 time=38.8 ms
64 bytes from 192.168.175.100: icmp_seq=2 ttl=64 time=38.8 ms
^C
--- 192.168.175.100 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 38.777/38.789/38.801/0.012 ms
root@debian:~#

网络检错

1 2	`chunli@ubuntu:~$ vim /etc/crontab 1 * * * * root /bin/ping -W 4 -c 30 192.168.175.100 \|\| reboot`

桥接

root@debian:~# apt install bridge-utils

root@debian:~/bridge# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# 板载网卡
auto eno1
iface eno1 inet manual


# 桥接网卡
auto br0
iface br0 inet dhcp
    hwaddress ether 98:90:96:d3:CD:AE
    bridge_ports eno1

root@debian:~# systemctl   restart networking

kvm


安装KVM基础组件

root@debian:~# apt install --no-install-recommends qemu-system libvirt-clients libvirt-daemon-system  virtinst  qemu-kvm qemu  qemu-utils -y

root@debian:~/kvm# cat kvm_install_win10_21H2.sh
#!/bin/bash
OS_DOMAIN='win10_21H2'
OS_DISK="/home/OS_Disk_Image/${OS_DOMAIN}.disk"
OS_IMG_DIR='/mnt/data/08_各种镜像/OS_windows/'

virsh  destroy  $OS_DOMAIN  > /dev/null 2>&1
virsh  undefine $OS_DOMAIN  > /dev/null 2>&1

rm -rf $OS_DISK
rm -rf /var/log/libvirt/qemu/${OS_DOMAIN}.log
rm -rf /etc/libvirt/storage

virt-install                                               \
--virt-type=kvm                                            \
--os-type=windows                                          \
--os-variant=win10                                         \
--name ${OS_DOMAIN}                                        \
--cpu=host-passthrough                                     \
--accelerate                                               \
--autostart                                                \
--ram 4096                                                 \
--noautoconsole                                            \
--vcpus sockets=1,cores=2,threads=2                        \
--network mac=12:34:56:78:90:A1,bridge=br0,model=virtio    \
--graphics vnc,listen=0.0.0.0,port=5920,password=chunli    \
--disk path=${OS_DISK},size=80,format=raw,bus=virtio       \
--disk path=${OS_IMG_DIR}/virtio-win/virtio-win-0.1.190_amd64.vfd,device=floppy \
--cdrom     ${OS_IMG_DIR}/windows_10_2111/zh-cn_windows_10_business_editions_version_21h2_x64_dvd_93b4cb1a.iso \

root@debian:~/kvm#

VNC连接
安装选择: 专业版(用不上的功能，不要碰)

安装完成

解决CPU/IO高问题

1.
root@debian:~# vim /etc/libvirt/qemu/win10_21H2.xml
  <clock offset='localtime'>
    <timer name='hpet' present='yes'/>
    <timer name='hypervclock' present='yes'/>
  </clock>


2. (win10专业版 无需操作)
win + r: regedit

计算机\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ClipSVC
start 3--> 4

计算机\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppXSvc
start 3--> 4




调好之后: 空载时 CPU占用情况

root@debian:~# top
top - 00:23:33 up 11 days,  5:49,  1 user,  load average: 0.12, 0.12, 0.25
Tasks: 169 total,   1 running, 168 sleeping,   0 stopped,   0 zombie
%Cpu(s):  0.4 us,  0.4 sy,  0.0 ni, 99.2 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
MiB Mem :  15950.6 total,    213.8 free,   4409.6 used,  11327.2 buff/cache
MiB Swap:    975.0 total,    946.1 free,     28.9 used.  11205.6 avail Mem

    PID USER      PR  NI    VIRT    RES    SHR S  %CPU  %MEM     TIME+ COMMAND
  85244 libvirt+  20   0 6453172   4.0g  20952 S   8.6  26.0  12:00.69 qemu-system-x86
  85270 root      20   0   10228   3892   3120 R   0.3   0.0   0:08.59 top
      1 root      20   0  165212   8908   5972 S   0.0   0.1   2:45.18 systemd
      2 root      20   0       0      0      0 S   0.0   0.0   0:00.26 kthreadd
      3 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 rcu_gp
      4 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 rcu_par_gp
      6 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 kworker/0:0H-events_highpri
      9 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 mm_percpu_wq
     10 root      20   0       0      0      0 S   0.0   0.0   0:00.00 rcu_tasks_rude_
     11 root      20   0       0      0      0 S   0.0   0.0   0:00.00 rcu_tasks_trace
     12 root      20   0       0      0      0 S   0.0   0.0   0:01.08 ksoftirqd/0
     13 root      20   0       0      0      0 I   0.0   0.0   1:16.29 rcu_sched
     14 root      rt   0       0      0      0 S   0.0   0.0   0:04.82 migration/0
     15 root      20   0       0      0      0 S   0.0   0.0   0:00.00 cpuhp/0
     16 root      20   0       0      0      0 S   0.0   0.0   0:00.00 cpuhp/1
     17 root      rt   0       0      0      0 S   0.0   0.0   0:04.45 migration/1
     18 root      20   0       0      0      0 S   0.0   0.0   0:00.50 ksoftirqd/1
     20 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 kworker/1:0H-kblockd
     21 root      20   0       0      0      0 S   0.0   0.0   0:00.00 cpuhp/2

李春利-笔记

纸上得来终觉浅, 绝知此事要躬行。

Debian11 初始化

系统下载

系统安装

环境

网络设置

apt 设置

基础设置

基本安装

VIM 8的鸡肋设置

国外的抨击：

vim 8 禁用鼠标方法

排查vim配置为什么不生效

时区设置

别名设置：

sudoer

console 串口登录

磁盘挂载

Samba 安装

wireguard 安装

单网卡配置

双网卡配置示例

测试启动

网络测试

网络检错

桥接

kvm