Debian随手记

本文修改于20250712

镜像安装

用的是debian-12.8.0-amd64-DVD-1.iso

ventoy直接刷，不用网络镜像，不要桌面环境，要个ssh和基础系统工具就行，（分区如下

分区	大小
efi	256MB #以前500M感觉大了
/	20G #够用就行
swap	8G #内存就8G
/home	剩余硬盘空间

过程中遇到了些问题，grub没有被正确安装，导致bios认为我的硬盘没有操作系统，解决方式参考bilibili
1. 还是先进安装镜像选Advanced options进rescue mode
2. 中间忘了，好像要先Load installer components...
3. 不过问题不大，能找。然后Enter rescue mode
4. 点来点去来到Enter a device you wish to use as your root root file system
5. 回想一下根目录/在哪里，我的手动分的/区在/dev/sda2
6. Mount separate /boot/efi partition
7. Force GRUB installation to the EFI removable media path把GRUB扔到这个分区来
8. 拔U盘重启就可以正常引导了

初始配置

初始系统还是太简洁了，我也不知道要做些什么，慢慢来吧

ssh

# /etc/ssh/sshd_config
PasswordAuthentication yes

重启下ssh服务，就可以用ssh连接后配置了

systemctl restart ssh

网络设置

# /etc/network/interface

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug enp1s0
iface enp1s0 inet static
        address 192.168.1.xxx/24
        netmask 255.255.255.0
        gateway 192.168.1.1
        dns-nameservers 223.5.5.5 223.6.6.6
# This is an autoconfigured IPv6 interface
iface enp1s0 inet6 auto

重启下网络服务

systemctl restart networking.service

WOL网络唤醒

# 使用前先安装ethtool
sudo ethtool -s enp1s0 wol g

# /etc/network/interfaces 添加
iface enp1s0 inet static
        ***
        post-up /sbin/ethtool -s enp1s0 wol g

镜像源

USTC镜像软件源，请做好备份

# 默认注释了源码仓库，如有需要可自行取消注释
deb http://mirrors.ustc.edu.cn/debian bookworm main contrib non-free non-free-firmware
# deb-src http://mirrors.ustc.edu.cn/debian bookworm main contrib non-free non-free-firmware
deb http://mirrors.ustc.edu.cn/debian bookworm-updates main contrib non-free non-free-firmware
# deb-src http://mirrors.ustc.edu.cn/debian bookworm-updates main contrib non-free non-free-firmware

# backports 软件源，请按需启用
# deb http://mirrors.ustc.edu.cn/debian bookworm-backports main contrib non-free non-free-firmware
# deb-src http://mirrors.ustc.edu.cn/debian bookworm-backports main contrib non-free non-free-firmware

deb http://mirrors.ustc.edu.cn/debian-security/ bookworm-security main contrib non-free non-free-firmware
# deb-src http://mirrors.ustc.edu.cn/debian-security/ bookworm-security main contrib non-free non-free-firmware

TUNA镜像软件源，请做好备份

# 默认注释了源码镜像以提高 apt update 速度，如有需要可自行取消注释
deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm main contrib non-free non-free-firmware
# deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm main contrib non-free non-free-firmware

deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-updates main contrib non-free non-free-firmware
# deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-updates main contrib non-free non-free-firmware

deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-backports main contrib non-free non-free-firmware
# deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bookworm-backports main contrib non-free non-free-firmware

# 以下安全更新软件源包含了官方源与镜像站配置，如有需要可自行修改注释切换
deb https://mirrors.tuna.tsinghua.edu.cn/debian-security bookworm-security main contrib non-free non-free-firmware
# deb-src https://mirrors.tuna.tsinghua.edu.cn/debian-security bookworm-security main contrib non-free non-free-firmware

更新一下

apt update && apt upgrade

sudo

# 普通用户登录
su -l # 进入超级用户，不能忘了-l 不然进去没有adduser命令

apt update && apt upgrade
apt install sudo # Debian最小化安装完没有sudo真搞吧

adduser USERNAME sudo # USERNAME为当前用户名
exit

groups #查看当前用户的组

再挂载一块硬盘

mkdir /home/wingchaos/disk
sudo mount /dev/sdb1 /home/wingchaos/disk

实现开机自动挂载

# 先看分区id
sudo blkid /dev/sdb1

# /etc/fstab 添加
UUID=****** /home/wingchaos/disk ext4 defaults 0 2
#硬盘id 挂载点 文件系统 默认挂载选项 不备份 非根分区

目前用到的软件

curl & wget

可以看看阮一峰的博客

sudo apt install wget   # wget倾向于下载文件，
sudo apt install curl   # 而这位更偏向网络调试工具

Samba

# 安装
sudo apt update
sudo apt install samba

# 创建samba用户
sudo smbpasswd -a USERNAME

# /etc/samba/smb.conf 添加
[home]
   comment = debian
   path = /home/wingchaos
   browseable = yes
   read only = no
   valid users = wingchaos
   create mask = 0777
   directory mask = 0777

# 重启Samba服务
sudo systemctl restart smbd
sudo systemctl enable smbd

Docker

以下内容来自清华大学开源软件镜像站

可能会多次遇到Permission denied，请善用sudo

sudo apt-get install ca-certificates curl gnupg

install -m 0755 -d /etc/apt/keyrings

curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

sudo chmod a+r /etc/apt/keyrings/docker.gpg

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/debian \
  "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

更换镜像源请参考Docker学习记录

Portainer(Docker)

参考官方文档

# 先创建命名卷
docker volume create portainer_data

sudo docker run -d -p 8000:8000 -p 9443:9443 \
  --name portainer --restart=always \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v portainer_data:/data portainer/portainer-ce

DDNS-GO(Docker)

局域网通过hostname获取IPv6有点问题，直接再开一个容器吧

sudo docker run -d \
  --name ddns-go --restart=unless-stopped --net=host \
  -v ~/.config/ddns-go:/root jeessy/ddns-go

File Browser(Docker)

涉及到目录挂载和权限问题，这里踩了坑详见Docker随手记

sudo docker run -d \
  --name filebrowser \
  --user $(id -u):$(id -g) \
  -p 宿主机端口:80 \
  -v /宿主机目录:/srv \
  -v ~/.config/filebrowser/database:/database \
  -v ~/.config/filebrowser/config:/config \
  --restart unless-stopped \
  filebrowser/filebrowser

qBittorrent-Enhanced-Edition(Docker)

来自Docker-qBittorrent-Enhanced-Edition

sudo docker run -d \
    --name=qbittorrentee  \
    -e WEBUIPORT=8080  \
    -e PUID=$(id -u) \
    -e PGID=$(id -g) \
    -e TZ=Asia/Shanghai \
    -e ENABLE_DOWNLOADS_PERM_FIX=true \
    -p 6881:6881  \
    -p 6881:6881/udp  \
    -p 8080:8080  \
    -v ~/.config/qbittorrentee/config:/config  \
    -v /宿主机目录:/downloads \
    --restart unless-stopped  \
    superng6/qbittorrentee:latest

Komga(Docker)

sudo docker run -d \
  --name=komga \
  --user 1000:1000 \
  -p 25600:25600 \
  -v ~/.config/komga/config:/config \
  -v ~/.config/komga/tmp:/tmp \
  -v /宿主机目录:/data \
  --restart unless-stopped \
  gotson/komga

Syncthing(Docker)

参考README-Docker.md

# 默认Web UI端口8384
sudo docker run -d --network=host \
  --name=syncthing \
  --user 1000:1000 \
  -v ~/.config/syncthing/:/var/syncthing/ \
  -v /宿主机目录:/sync \
  --restart unless-stopped \
  syncthing/syncthing:latest

filebrowser

sudo mkdir /usr/local/filebrowser && cd /usr/local/filebrowser
sudo wget https://github.com/filebrowser/filebrowser/releases/download/v2.31.2/linux-amd64-filebrowser.tar.gz
sudo tar -xvf linux-amd64-filebrowser.tar.gz
sudo nano config.json
{
    "address" : "0.0.0.0",
    "port" : 80,
    "database" : "/usr/local/filebrowser/filebrowser.db", 
    "root" : "/home/wingchaos/"
}
# 默认账户密码admin
sudo nano /etc/systemd/system/filebrowser.service
######
[Unit]
Description=The filebrowser Process Manager
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/filebrowser/filebrowser -c /usr/local/filebrowser/config.json
ExecStop=/bin/killall filebrowser
PrivateTmp=true

[Install]
WantedBy=multi-user.target
######
sudo systemctl daemon-reload
sudo systemctl enable filebrowser.service
sudo systemctl start filebrowser.service

qBittorrent-nox

sudo apt install qbittorrent-nox
sudo adduser --system --group qbittorrent-nox
sudo adduser USERNAME qbittorrent-nox
sudo nano /etc/systemd/system/qbittorrent-nox.service
######
[Unit]
Description=qBittorrent Command Line Client
After=network.target

[Service]
Type=forking
User=qbittorrent-nox
Group=qbittorrent-nox
UMask=007
ExecStart=/usr/bin/qbittorrent-nox -d --webui-port=8080
Restart=on-failure

[Install]
WantedBy=multi-user.target
######
sudo systemctl daemon-reloa
sudo mkdir /home/qbittorrent-nox
sudo chown qbittorrent-nox:qbittorrent-nox /home/qbittorrent-nox
sudo usermod -d /home/qbittorrent-nox qbittorrent-nox
sudo systemctl enable qbittorrent-nox
sudo systemctl start qbittorrent-nox
sudo systemctl status qbittorrent-nox

Syncthing

Debian apt安装的版本实在是太老了，参考官方安装文档

# Add the release PGP keys:
sudo mkdir -p /etc/apt/keyrings
sudo curl -L -o /etc/apt/keyrings/syncthing-archive-keyring.gpg https://syncthing.net/release-key.gpg

# Add the "stable" channel to your APT sources:
echo "deb [signed-by=/etc/apt/keyrings/syncthing-archive-keyring.gpg] https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list

# Update and install syncthing:
sudo apt-get update
sudo apt-get install syncthing

syncthing的默认ip设置为127.0.0.1无法在局域网中访问，需要更改设置：

# ~/.local/status/syncthing/config.xml
<address>0.0.0.0:8384</address>

官方的Linux自启动方案：

# 使用systemd设置用户服务
systemctl --user enable syncthing.service
systemctl --user start syncthing.service

# 如果需要在登录用户前启动
sudo loginctl enable-linger USERNAME

镜像安装#

初始配置#

ssh#

网络设置#

镜像源#

sudo#

再挂载一块硬盘#

目前用到的软件#

curl & wget#

Samba#

Docker#

Portainer(Docker)#

DDNS-GO(Docker)#

File Browser(Docker)#

qBittorrent-Enhanced-Edition(Docker)#

Komga(Docker)#

Syncthing(Docker)#

filebrowser#

qBittorrent-nox#

Syncthing#