Add Linux fresh setup toolkit

2026-06-06 00:23:11 +00:00
parent 8cb92de06f
commit 4e739c5c99
25 changed files with 1646 additions and 0 deletions
@@ -0,0 +1,47 @@
+# Fresh Install Checklist
+
+## Before bootstrap
+
+- Confirm Ubuntu 24.04 or newer and record the release and kernel.
+- Apply firmware settings for virtualization, IOMMU, or Secure Boot as needed.
+- Confirm console or out-of-band access before firewall work.
+- Record interfaces, addresses, routes, DNS, storage, and intended mountpoints.
+- Patch the base system and reboot if required.
+- Decide whether the host needs Docker, libvirt, Cockpit, or NVIDIA support.
+- Review application ports and VM networking before enabling UFW.
+- Confirm backups exist for any pre-existing host configuration.
+
+## Bootstrap
+
+Start with the least capability required:
+
+```bash
+sudo ./install.sh --base --shell
+```
+
+Add reviewed platform profiles:
+
+```bash
+sudo ./install.sh --cockpit --docker --libvirt --nvidia-tools --tuning --security
+```
+
+Do not select `--enable-ufw` until remote access and application rules are
+understood. Do not install an NVIDIA driver until hardware, kernel, Secure Boot,
+and workload compatibility are known.
+
+## Post-bootstrap evidence
+
+- Review all installer warnings.
+- Run `systemctl --failed`.
+- Confirm expected services with `systemctl status`.
+- Review `ss -tulpn`, `df -hT`, `ip -brief address`, and `ip route`.
+- Confirm Docker with `docker version` and `docker compose version`.
+- Confirm libvirt with `virsh list --all` and `virsh net-list --all`.
+- Confirm GPU state with `lspci -nn | grep -i nvidia` and `nvidia-smi`.
+- Reboot after driver installation and repeat the postcheck.
+
+## Handover
+
+Document host-specific storage, network, firewall, backup, application, GPU,
+and VM decisions. Install the separate `ailab-maintenance` toolkit only after
+reviewing its scheduled day-2 behavior.