Part II - The Ultimate Linux Home Router - Tumbleweed and Customizing the Environment

Friday, December 20, 2013

Part I - Tumbleweed (optional)

This is optional and you'll have to decide for yourself if switching your build to Tumbleweed is the way to go. Basically, this step involves "rebranding" your installation away from the openSUSE 13.1 and over to Tumbleweed. Tumbleweed does not have a version. When a new package of any kind is available for your installation, it will show up as an update. If you have automatic updates enabled, this will ensure you're running the latest version of everything, including the kernel, all the time.
There are a few reasons you may not want to do this:
  • You have some kind of kernel module or modification that needs to be compiled for each kernel. In my case, the external network adapter falls under this category. Every new kernel version will require me to recompile the kernel module and install it. If the kernel is updated automatically and the system is rebooted, it will revert to the module that's built into the kernel. If that module is the same version that exists today (and I have no reason to believe it would not be), my router is going to fail. It's a risk I'm willing to accept, since I will be routinely checking up on the system and installing the kernel module is pretty simple. I also, hope, one day to script this part out somehow.
  • Rolling updates can be unreliable. And, indeed, Tumbleweed isn't as widely used and tested as the default distribution.
Ultimately, I'm using tumbleweed because I'm choosing to expose some services to the wide open internet and I want everything to be as up-to-date as possible for security purposes.
That said, I don't believe any of the remaining steps explicitly requires you to use Tumbleweed.
Here's some more information so that you can make the decision yourself.

Switching up the repositories

Connect to your box via PuTTY and login.
We're going to be firing off a lot of commands that require root access, so step one is to:
$ su
Enter your password
# zypper ar --refresh Tumbleweed
# zypper ar --refresh 'openSUSE Current OSS'
# zypper ar --refresh 'openSUSE Current non-OSS'
# zypper ar --refresh 'openSUSE Current OSS updates'
# zypper ar --refresh 'openSUSE Current non-OSS updates'
# zypper rr openSUSE-13.1-1.10 repo-debug repo-debug-update repo-debug-update-non-oss repo-non-oss repo-oss repo-source repo-update repo-update-non-oss
# echo '[main]' > /etc/zypp/vendors.d/Tumbleweed.conf
# echo 'vendors = suse,opensuse,obs://' >> /etc/zypp/vendors.d/Tumbleweed.conf
# zypper lr
That last command will list out the repositories. You should see this.
# | Alias                            | Name                             | Enabled | Refresh
1 | Tumbleweed                       | Tumbleweed                       | Yes     | Yes
2 | openSUSE Current OSS             | openSUSE Current OSS             | Yes     | Yes
3 | openSUSE Current OSS updates     | openSUSE Current OSS updates     | Yes     | Yes
4 | openSUSE Current non-OSS         | openSUSE Current non-OSS         | Yes     | Yes
5 | openSUSE Current non-OSS updates | openSUSE Current non-OSS updates | Yes     | Yes
If you're missing any of those, run the appropriate "zypper ar --refresh" command above to add the missing repository. If you've got more than what is above, run zypper rr where is the name of the alias in the your list that isn't in the one above. This is very important. You won't be able to reliably upgrade the distribution if you have more than these repositories enabled.
Now run:
# cat /etc/zypp/vendors.d/Tumbleweed.conf
You should see:
vendors = suse,opensuse,obs://
If you see something different, run "rm /etc/zypp/vendors.d/Tumbleweed.conf" and issue the "echo" commands above again (along with the cat command to ensure it's correct).
We're ready to refresh the repositories and convert this install to a Tumbleweed install.
# zypper refresh
You're going to get prompted several times with a message similar to this:
Retrieving repository 'Tumbleweed' metadata ---------------

New repository or package signing key received:
Key ID: xxxx
Key Name: xxxx 
Key Fingerprint: xxxx
Key Created: Mon 18 Feb 2013 12:09:00 PM EST
Key Expires: Wed 29 Apr 2015 01:09:00 PM EDT
Repository: (repository name)

Do you want to reject the key, trust temporarily, or trust always? [r/t/a/? shows all options] (r):
Type "a" and hit enter each time.
This could take a few moments depending on your internet connection or server performance. You've already had a cup of coffee, either switch to wine or surf Hacker News or something while you wait. When it's finished:
# zypper dup
# reboot
You've probably gotten a new kernel at this point, so it's a good idea to reboot the bugger. Hopefully, you get the same IP address from DHCP. If not, log in locally and:
$ sudo /sbin/ifconfig
To find your IP address.

Part II - Fish Shell (optional)

I have been using Fish Shell for a while. It's a great productivity enhancer for the infrequent sysadmin. It's by no means required, but I strongly recommend it. More about that here.
If you visited the site you probably discovered that there's an easy way to install via zypper. I haven't been able to get this to work in quite a while on openSUSE, so we're going to build it.
# zypper in git ncurses-devel autoconf gcc-c++ cmake lynx
# cd ~
# git clone git://
# cd fish-shell
# autconf
# ./configure && make && make install
# echo '/usr/local/bin/fish' >> /etc/shells
Note: We've installed a C++ compiler, autoconf and cmake, which are development tools that allow for compiling of applications. Generally speaking, it's a bad idea to leave these installed on a production machine. Later you might want to remove these packages if you don't need them (and you can take that advice for any package that you don't need).

Set Fish Shell as the Default Shell (Optional)

Fish is not precisely compatible with bash. Normally this isn't much of a problem provided each script you need to run identifies itself as a bash script. I have never had an issue setting fish as the default shell, but if you're concerned you can skip this and invoke fish by simply typing "fish" at a $ or # prompt. To set it as default:
# chsh -s /usr/local/bin/fish
# exit
$ chsh -s /usr/local/bin/fish
(Enter your password)
$ su
(Enter it once again)

Syntax Highlight in Nano

I prefer the GNU nano text editor over the more common vi and others. It's a simple 'notepad'-in-text-mode-like editor. The openSUSE includes a number of syntax highlighting options, however, they're not turned on by default and there are some missing. We'll download new syntax highlighting rules and configure the environment to use them as well as add a command to your profile to prevent nano from wrapping lines (fatal to configuration file editing).
# cd /usr/local/src
# git clone
# make
# echo 'set nowrap' >> ~/.nanorc
(enter your password)

Other Useful Packages

# zypper in man

No comments :