This is my personal note list for preparing a root server. The list is not complete and may contain errors.
Network setup
- Install OS as usual or use image from Control Panel
Network setup
- Set/check fixed ip
- Set the “Reverse DNS” entry in Control Panel
- Add local user
useradd <username>
usermod -aG sudo <username> - Set hostname
sudo hostnamectl set-hostname <hostname> - Edit the /etc/hosts file
- Edit the /etc/cloud/cloud.cfg file if exists (
preserve_hostname: false to true)
SSH
- Add pubkey to
~/.ssh/authorized_keys - Disable SSH login with password and permit root login in
/etc/ssh/sshd_configfile
|
1 2 3 4 |
PasswordAuthentication no PubkeyAuthentication yes PermitRootLogin prohibit-password |
- Restart SSH Daemon
service sshd restart
VIM
- VIM Color open
~/.vimrcand add
colo desert
syntax on
Docker
- Install docker-cd here
- Install docker-compose here
- Install docker-compose command completion here
- add username to docker group (source)
sudo usermod -aG docker $USER
Traefik
- TBD
fail2ban
- Update repos and upgrade system
sudo apt-get update
sudo apt-get upgrade - Install fail2ban with
sudo apt-get install fail2ban - Create config file
/etc/fail2ban/jail.localand add a jail for the SSH Deamon
|
1 2 3 4 5 6 7 |
[sshd] enabled = true port = 22 filter = sshd logpath = /var/log/auth.log maxretry = 3 |