This will guide you through the installation of Ubuntu 20.04 LTS as a Standalone Server.

• backup webapps
• backup mysql database
• backup ./ssh/authorized_keys
• backup minecraft worlds (if running on ubuntu)
• move the AP to a new adoption (if running UniFi Controller on ubuntu)
• backup /etc/fstab (if lots of drives mounted)
• use lsblk to get list of current drives and mount points

• Custom storage layout
• Partitions: (ext4)

• Full Name: Dirk Rockface
• Server: brimble
• User Name: dirk
• Finish installing. I didn't install any “common packages” from the setup CD.

sudo apt-get update
sudo apt-get dist-upgrade

sudo apt-get install openssh-server

sudo mkdir /mnt/storage
sudo mkdir /mnt/minecraft
sudo mkdir /mnt/plex
sudo mkdir /mnt/timemachine

sudo blkid

and

sudo lsblk

to get info for fstab.

sudo vim /etc/fstab

sudo apt-get install exfat-fuse exfat-utils

sudo reboot -h now

• In home directory

  mkdir .ssh

• authorized_keys file needs to have keys in them. Copy over from harddrive, external drive, or create them.
• When making keys on clients

  ssh-keygen -t rsa

• New things for keys:
  • So, ssh-keygen no longer creates the keys with the headers on them. Seems to be no big deal for ssh but Cyberduck borked.
  • To make private keys with headers for Cyberduck:

    openssl genrsa -aes128 -out id_rsa 2048
    openssl rsa -in id_rsa -pubout -out id_rsa.test
    ssh-keygen -f id_rsa.test -i -mPKCS8

  • Links:
    • https://rietta.com/blog/2012/01/27/openssl-generating-rsa-key-from-command/
    • https://stackoverflow.com/questions/1011572/convert-pem-key-to-ssh-rsa-format

• Turn off Password Auth

  sudo vim /etc/ssh/sshd_config

  UsePAM yes
  PasswordAuthentication no

sudo reboot -h now

sudo apt-get install tomcat9

sudo vim /etc/tomcat9/server.xml

<Connector port="80" protocol="HTTP/1.1"
       	connectionTimeout="20000"
       	URIEncoding="UTF-8"
       	redirectPort="8443" />

sudo rm -rf /var/lib/tomcat9/webapps/ROOT
sudo cp -a /mnt/backup/webpage/webapps/. /var/lib/tomcat9/webapps/
sudo cp -a /mnt/backup/webpage/plex /var/lib/tomcat9/

• <html><span style=“color:red;font-size:100%;”>Note:</span> You might have to set ownership and permissions back to normal for those folders</html>

  sudo chown tomcat:tomcat webapps
  sudo chmod 755 webapps

sudo vim /etc/tomcat9/web.xml

<init-param>
  <param-name>listings</param-name>
  <param-value>true</param-value>
</init-param>

• <html><span style=“color:red;font-size:100%;”>Note:</span> This is due to using random vs urandom</html>
• edit java.security
  • at last check, this was located here:

    sudo vim /usr/lib/jvm/java-11-openjdk-amd64/conf/security/java.security

  • change

    securerandom.source=file:/dev/random

    to

    securerandom.source=file:dev/urandom

  • Link: https://docs.oracle.com/cd/E13209_01/wlcp/wlss30/configwlss/jvmrand.html

sudo apt-get install mysql-server

sudo mysql -u root -p < dumpfile.sql

sudo mysql -u root -p
CREATE USER 'dirk'@'localhost' IDENTIFIED BY 'password';
show databases;
GRANT ALL PRIVILEGES ON *.* TO 'dirk'@'localhost';
exit

GRANT FILE ON *.* TO 'dirk'@'localhost';
exit

sudo aa-status

• This should show mysqld in enforce mode

sudo vim /etc/apparmor.d/usr.sbin.mysqld

• add folders near the bottom like this:

  /var/lib/tomcat9/webapps/ r,
  /var/lib/tomcat9/webapps/** rwk,

sudo vim /etc/mysql/mysql.conf.d/mysqld.cnf

• add at bottom:

  secure_file_priv=""

• while in this file, decrease sleep time to avoid max connections (default is 8 hrs)

  wait_timeout = 20

• <html><span style=“color:red;font-size:100%;”>Note:</span> In order to get sql to write, I had to make everything in the webapps folder root:dirk (which it probably was) and the export folder 777. Not sure which of those did the trick (or both)</html>
• <html><span style=“color:red;font-size:100%;”>Note:</span> New in mysqlserver v8: files writen from mysql are only readable by root and the mysql group so you have to add the use tomcat (the one reading the files in the march madness bracket) to the mysql group (the one creating the files)</html>

  sudo usermod -a -G mysql tomcat

• Changes will take effect after restart

  sudo reboot -h now

• Install Java Development Kit

   sudo apt-get install default-jdk

• Install Java / Mysql connector

   sudo apt-get install libmysql-java

• <html><span style=“color:red;font-size:100%;”>Note:</span> This was not supported in 20.04 at the time and must be installed manually.</html>
  • Download JDBC Driver for Mysql (Connector/J) from https://www.mysql.com/products/connector/
  • Install the debfile:

    sudo apt install thatdebfile.deb

• Create symlink for connector

  sudo ln -sf /usr/share/java/mysql-connector-java.8.0.20.jar /usr/share/tomcat9/lib/mysql-connector-java.jar

• New change for 20.04: had to add

  &serverTimezone=UTC

  to the end of the SQL_PARAMS section in all of the config.jsp files. They should be all converted for the next install and no action required. (hopefully)

• If webinf files need to be compiled:

  sudo javac -cp /usr/share/java/servlet-api-3.0.jar:/usr/share/java/jsp-api-2.2.jar util/*.java

• reboot

  sudo reboot -h now

sudo apt-get install samba
sudo smbpasswd -a dirk
sudo vim /etc/samba/smb.conf

[webapps]
  comment = Webpage Files
    path = /var/lib/tomcat9/webapps
    available = yes
    browsable = yes
    guest ok = yes
    read only = no
    writable = yes
    admin users = dirk

[storage]

[plex]

• you may have to chmod correct permissions for webapps folder (775)

LOAD DATA LOCAL INFILE "/home/dirk/2019o.csv" INTO TABLE games COLUMNS TERMINATED BY ',';

sudo visudo -f /etc/sudoers.d/nopass
dirk ALL=(ALL:ALL) NOPASSWD:/usr/bin/rsync

crontab -e

0 3 * * * /home/dirk/scripts/backup

sudo dpkg-reconfigure tzdata