Skip to main content

Basic Setup - First 5 minutes on a new server

  • Copy SSH ID: ssh-copy-id
  • Update server: sudo apt update; sudo apt upgrade
  • Firewall:
    • apt install ufw
    • ufw allow ssh
    • ufw enable
  • Reboot server: reboot
  • Install mosh:
    • apt install mosh
    • ufw allow 60000:61000/udp
    • ufw enable
  • Create new user:
    • adduser tom
    • usermod -aG sudo tom
  • Add server to local SSH config and give it a name.
  • Reconnect to server: mosh name
  • Install vim: sudo apt install vim
  • Configure default editor: update-alternatives --config editor
  • Lock the root account to disable root login: sudo passwd -l root

Preference is security, not availability.

  • Unattended upgrades: sudo apt install unattended-upgrades
  • Fail2ban: sudo apt install fail2ban
  • Restart each week: sudo crontab -e
    • 5 3 * * 1 reboot

Postfix as mailforwarder:

  • Install postfix: sudo apt install postfix
  • Choose internet with smart host
  • Choose your domain name
  • Choose the SMTP server
  • Install sasl support: sudo apt install libsasl2-modules
  • Edit /etc/postfix/main.cf:
    • Before relayhost:
smtp_sasl_auth_enable = yes
smtpd_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth
smtp_tls_security_level = encrypt
smtp_tls_note_starttls_offer = yes
  • Create the mentioned /etc/postfix/smtp_auth with the following content:
    • mail.server.com user:passwort
  • Create the db file: sudo postmap /etc/postfix/smtp_auth
  • Delete the input file: sudo rm /etc/postfix/smtp_auth
  • Rename the senders: sudo vim /etc/postfix/generic with the following content:
    • @hostname your@sender.address
  • Restart postfix server: sudo systemctl restart postfix

Test postifx:

  • Install mail command: sudo apt install mailutils

  • Send test mail: mail -s "test" thomas@irgang.eu < /dev/null

  • Watch logs: journalctl -f and check mail inbox

  • Install useful tools: sudo apt install vim git tmux htop ripgrep python3 python3-venv

  • Install docker and docker compose:

    • sudo apt install docker.io docker-compose docker-cli docker-buildx
    • sudo usermod -aG docker your_user
No Comments
Back to top