This is a migration scenario. I set up the new machine first with the new Debian system, then move the data drives from the old server. For initial setup I create a 5GB Home mount point, which will later be replaced with the one on the data drives from the old server.

1. Test your hardware compatibility with a Debian Live system, then download and do a manual install from the image file on a USB-stick
2. Partition manually on System Drive 1: partitions ESP (500MB), RAID (127.5GB)
3. Partition manually on System Drive 2: partitions ESP (500MB), RAID (127.5GB), Home (5GB), Swap (remaining)

Since I'm installing an old technology low performance quiet graphics card, I need to setup access for Xorg first.

1. After booting into the installed system the screen goes blank
2. Enter a tty terminal with Ctrl-Alt-F1 and login
3. Add file 20-nouveau.conf to /etc/X11/xorg.conf.d/ containing:

   Section "Device"
           Identifier "Nvidia card"
           Driver "nouveau"
   EndSection

4. Do not install nVidia's proprietary drivers, see Debian Linux – Uninstall NVIDIA Driver & Reinstall Nouveau Driver (Step-by-Step) if you already did, and google use nouveau xorg on an AI enabled browser

1. Data drives must be set to RAID, LVM, CRYPT in this order. For my use cases LUKS on LVM is the best scenario.
2. If you set data drives, the installer request to encrypt swap space. Do it, then remove the swap encryption after booting into the system.
3. Set manual static IP address in Network Manager for main NIC and reboot
4. Update repositories and apps

   apt-get update
   apt-get upgrade

5. Copy “.bashrc” from user account to /root, modify prompt color from 0;32 (green) to 0;31 (red)
6. Check your locale settings

   locale -a

7. Install the required locales

   dpkg-reconfigure locales

8. Change dhcp to static in file /etc/network/interfaces, or remove the entry for the interface you want to manage with wicd or network manager, to avoid dhcp-client to assign a dynamic ip during boot. Do not add further interface information, do this in wicd or network manager

   sudo vim /etc/network/interfaces
   iface eth0 inet manual

1. Add user to sudoers group and set sudo user permissions (type exactly as indicated)

   sudo adduser <user> sudo

2. Logout and Login again
3. Disable root account, vim /etc/passwd, replace the following line with the one below

   root:x:0:0:root:/root:/bin/bash
   root:x:0:0:root:/root:/usr/sbin/nologin

4. Install SSH Access

1. Import the GPG key: wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo gpg –dearmor -o /etc/apt/trusted.gpg.d/virtualbox.gpg
2. Add the repository: sudo sh -c 'echo “deb [arch=amd64] http://download.virtualbox.org/virtualbox/debian bookworm contrib” » /etc/apt/sources.list.d/virtualbox.list'
3. Update package lists: sudo apt update
4. Install VirtualBox: sudo apt install virtualbox-7.1
5. Install the VirtualBox Extension Pack: sudo apt install virtualbox-ext-pack

1. Install the lvm2 package:

   sudo apt install lvm2

2. Enable and start the LVM service:

   sudo systemctl enable lvm2-lvmetad
   sudo systemctl start lvm2-lvmetad

1. Install:

   sudo apt install cryptsetup

1. Install:

   apt install openvpn

1. Mount LVM volumes, first check filesystem type

   file -sL /dev/sda1 or file -sL /dev/vg_group/lv_volume

2. Add fstab entry to mount during system boot for unencrypted volumes

   /dev/vg_group/lv_volume /home ext4 noatime,user_xattr 0 0

3. Add Encrypted partitions/folders with auto-mount

1. Install

   sudo apt install vim
   sudo apt install smartmontools
   sudo apt install iotop
   sudo apt install rsync
   sudo apt install zip
   sudo apt install wget

2. Usage

   smartctl --health /dev/sda

1. Set up rc.local to autostart scripts at boot time

sudo apt-get remove --purge libreoffice*
sudo apt-get clean
sudo apt-get autoremove

Sometimes it is helpful to exclude a package from upgrading. Virtualbox, for example, requires the GUI on the client to be used after version upgrade to upgrade and install the guest addtions, so sometimes it's better to not upgrade the package while you don't have physical access to the client. You can exclude and include with the following commands:

sudo apt-mark hold virtualbox-6.1
sudo apt-mark unhold virtualbox-6.1

• Where is rc.local in Debian 9 (Debian Stretch)
• How to manage startup applications in Debian 9?