Installing Debian 10 Buster From Scratch!

Debian has now released Debian Buster into stable status, Buster is the successor to Debian 9 Stretch. These are my observations of notable changes to the new release.

  • Xorg has been replaced by Wayland
  • AppArmor is being installed and enabled by default
  • The install is UEFI compliant
  • Cups and cups-filters packages are installed by default
  • Many updated applications (Isn’t this really expected though)

Obtaining Buster

As with prior releases we still have a ton of options here, live images, torrent links and direct links. Unless you are pushing this out multiple times, I still suggest the netinst image.

Installation Requirements

I have yet to find any official hardware requirements, it is pretty safe to say it will be consistent with Debian Stretch.

  • 512 MB RAM
  • 10 GB HDD
  • 1GHz Pentium 4 processor
  • Installation Media (USB / DVD)

Installation

Burn your image to either a CD, DVD or Flash Drive and perform whatever voodoo magic required to get your image booted. Together we will walk through all steps of the installation with screenshots.

Step 1) Booting

We will be going through the graphical install. I have to say it is refreshing to see a new graphic in the background. After you do so many of these installations something new is great, even if it is not overly flashy. This article will only cover a graphical installation, so pick that.

Graphical Install Selection
Installation Type

We will be doing an English install with English keyboard settings, pick appropriately for your environment.

English Select
Installation Language Selection
American English Keyboard Select
Keyboard Selection

2) Host Name and Domain Settings

Your host name will be the identifier for your system. The is reflected in /etc/hostname and also noted in your DNS if you are using DHCP.

Hostname Settings
Hostname Settings

Your domain name will define your name resolution search domain, fairly important if you are actually in a Windows domain.

Domain Name Settings
Domain Name Settings

3) Users and Passwords

A small gripe here. With operating system security issues being so prevalent now, I think it is about time that Debian starts enforcing strong passwords during setup and password changes as a default. As you see here I was able to use a 1 letter password, this should really never be allowed. I hope the Debian team fixes that on the installation process soon. I am getting off my soap box now.

Root Password
Root Password

Type in your chosen root password, make it long and complex!

User login name
User Identifier

User full name, I never put a real name here.

User Short Name
Real User Name

This is actually your login name, not your login name description

User Password
One Letter User Password

Make it long and complex!

4) Partitioning

This is probably where most people new to Linux take a bit of pause not understanding their options and the implications of their options. Partitioning can be complex and until your are a seasoned Linux professional it is best to not deviate from the defaults. There are real world consequences to not sizing a particular partition to your real world needs. We will go through each of these and I will give a quick description on why you may want to change these options. If you do want to play around with the different options you can always start the installation process again and choose different partitioning options.

Partitioning Type
Partitioning Type

The first option is just to use the entire available hard drive and that is your default. The second and third option are LVM’s. And LVM stands for Logical Volume Manager. And LVM will let you take a disk, or multiple disk and do things like resize them on the fly. You can take multiple disk and aggregate them together and even chop those up into different logical partitions. The third options is just an LVM that is encrypted. I will not go into any depth on an LVM, I do not mess with them on a regular basis but I think you need to know they exist and a basic understand on why you would use one. The last option is just going complete manual and gives you granular control over your partitioning.

Partitioning Detail
Partitioning Detail

Choose your disk

Partitioning detail is an important consideration. Basically this it almost like having a quota. The first option is taking all of your hard drive space and putting it into one partition. For beginners, go this route for sure. So why would you chose the other two? Well for many reasons. Say for instance you pick the second option and have your home partition fill to capacity, it will not effect the actual operation of your computer. If you put all of your space into one partition and fill it your drive, your system will become extremely unstable and go into an almost completely non working state. Another reason is chopping up your partitions make it fairly easy to upgrade those partitions by just mounting another disk and copying your data over.

The major consideration is knowing how much space to allocate to each one. If you chose the last option and know your computer will be a web server it would be beneficial to make sure you lean that space more toward the /var folder than the /home folder. Like I said we are keeping it simple, so go with the first option.

Partitioning Detail
Partitioning Detail

Review the summary and accept the changes if they look okay.

The installation will start installing the base system, this does not take long.

Installing the base system
Installing the base system

5) Package Sources

If you have downloaded the CD or DVD set, insert each Debian disk.

Scan another disk?
Scan another disk?

If you are wanting to use a network mirror pick yes and select the mirror. I highly recommend this, even if you are using the CD or DVD set. One exception is if you know your network card and wireless will not be detected, then it really is a moot point.

network mirror
Network Mirror
Network mirror country
Network Mirror Country
Network mirror select
Network mirror select

If you use a network proxy key it in.

Proxy Selection
Proxy Selection

After your proxy selection you should start seeing a progress meter for a short period.

Progress meter
Progress Meter

Your choice, but I like my privacy and select no 🙂

Popularity Contest
Popularity Contest

We can select our software packages now. If you are going headless save your space and turn off the first check mark desktop environment. I always select SSH server so I can putty back into my box.

Software package selection
Software package selection

This portion will take a while depending on your medium. Over a slow connection it can take a while, also your selections make a huge impact.

6) Grub boot loader

The majority of the time you will be using GRUB as your boot loader, so select yes. Also the second screen you will change the selection to the second option, unless you have some special circumstance.

Grub Master Boot Record
Grub Master Boot Record
Grub MBR
Grub MBR

7) Finished Installation!

Everything is now finished, you will now be taken to your login screen and can login with the password you selected. If you are not taken to a login screen and receive an error the majority of the time you are having a video driver issue.

Install Finished
Install Finished
Login Screen
Login Screen
Debian 10 Gnome Desktop
Debian 10 Gnome Desktop
Continue Reading

Installing Postfix on Debian 9 (Stretch)

Today we will install Postfix on Debian Stretch so we can send and receive mail to a relay server. Postfix is an open-source mail transfer agent (MTA) that routes and delivers email messages. Postfix is more commonly used these days so that has been my preferred one lately.

So why should you install a mail server? I get asked this question a lot and my answer is always the same, why not? Learning how a mail server works and the intricacies of the individual systems is a huge learning curve and a very marketable skill. Even just 10 years ago running a mail server was way more trivial than it is now. Anti spam technologies may had existed then but they were not nearly as widely used. Knowing how to setup and maintain a mail server will teach you many different skills because of the hurdles you have to overcome to get one running properly. Just having your mail go to a Gmail inbox without being flagged as spawn in itself is a feat.

Always my first step is to update apt.

Shell

Now we install Postfix and also mailutils.

Shell

Configuring Postfix

After postfix is installed you will run through a configuration with a few options. This first screen is basically wanting what type of site we are setting up, for this purpose we are setting up a relay server which is a smarthost.

Postfix Configuration Screen
Postfix Configuration Screen

The next screen will ask for your mail site name, ours is geekreef.com

Postfix Configuration Screen - Mail Name
Postfix Configuration Screen – Mail Name

The last screen will want our relay server (smarthost), which for demonstration purposes is going to be mail.external.com

Postfix Relay Host
Postfix Relay Host

This is our basic default main.cf we will go through.

Shell
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mob01
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = geekreef.com, mob01, localhost, localhost.localdomain, localhost
relayhost = mail.external.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

myhostname: The myorigin parameter specifies the domain that appears in mail that is posted on this machine.

mydestination: The mydestination parameter specifies what domains this machine will deliver locally, instead of forwarding to another machine.

inet_interfaces: Enable IPv4, and IPv6 if supported

relay_domains: By default, Postfix will forward mail from strangers. It is very important to get this setting right. In our case it is actually missing.

Continue Reading