Server setup instructions

Table of contents

• Prerequisites
  • Create a user account with sudo privileges
  • Configure an SSH key
  • Point your domain names to your machine IP address
• Installation
• Update
• Recipes
  • Mail machine
  • Application machine
  • Web machine
  • File machine
  • Daily backup machine
• Contributing

Prerequisites

Create a user account with sudo privileges

Back to top ↑

By default, Ubuntu comes preinstalled with a non-root sudo user named "ubuntu". The "root" user exists but is not accessible through SSH with a password. This is how you are supposed to use your machine, because part of the power inherent with the root account is the ability to make very destructive changes, even by accident.

But you will probably want something more meaningful than "ubuntu" as a username, so you can rename it by enabling temporary access to the "root" account (because you can't rename the user you currently logged in).

ipAddress=50.70.150.30

# Login to your machine's "ubuntu" account
ssh ubuntu@"${ipAddress}"

# Define a password for the root account
sudo passwd root

# Allow root login with password through SSH
sudo sed -i'.backup' -e 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config

# Restart SSH
sudo service ssh restart

# Disconnect from your machine
exit

# Login to your machine's root account
ssh root@"${ipAddress}"

userName="johndoe"

# Rename user
usermod -l "${userName}" ubuntu

# Rename user group
groupmod -n "${userName}" ubuntu

# Rename home directory
usermod -d /home/"${userName}" -m "${userName}"

# Change password
passwd "${userName}"

# Disable root password
passwd -l root

# Restore initial SSH config
mv /etc/ssh/sshd_config.backup /etc/ssh/sshd_config

# Restart SSH
service ssh restart

# Disconnect from your machine
exit

Configure an SSH key

Back to top ↑

Before going any further, you need to generate an SSH key.

ssh-keygen -t ed25519 -N '' -f ~/.ssh/id_ed25519

Then add it to your server by using:

ipAddress=50.70.150.30
userName="johndoe"
ssh "${userName}"@"${ipAddress}" "echo '$(cat ~/.ssh/id_ed25519.pub)' | tee -a ~/.ssh/authorized_keys > /dev/null"

You can also add it to the root account:

ssh -t "${userName}"@"${ipAddress}" "echo '$(cat ~/.ssh/id_ed25519.pub)' | sudo tee -a /root/.ssh/authorized_keys > /dev/null"

Point your domain names to your machine IP address

Back to top ↑

Before continuing, your machine needs to have a dedicated domain name that will be its hostname.

You also need to point your app domain names to your machine IP address if you want to host an app for them. See with your domain name registrar to set up A (IPV4) or AAAA (IPV6) records to perform this operation.

A minimal DNS zone typically looks like this:

For example, after that, you will be able to login with:

ssh [email protected]

Instead of:

ssh [email protected]

Installation

Back to top ↑

Clone this repository:

git clone https://github.com/RomainFallet/server-setup ~/.server-setup

Run install script:

bash ~/.server-setup/scripts/install.sh

Reload your .bashrc to make aliases available:

. ~/.bashrc

Update

Back to top ↑

ss:self-update

Recipes

Mail machine

Back to top ↑

ss:recipes:mail-machine

Application machine

Back to top ↑

ss:recipes:application-machine

Web machine

Back to top ↑

ss:recipes:web-machine

CI machine

Back to top ↑

ss:recipes:ci-machine

CI runner machine

Back to top ↑

ss:recipes:ci-runner-machine

File machine

Back to top ↑

ss:recipes:file-machine

Daily backup machine

Back to top ↑

ss:recipes:daily-backup-machine

Contributing

Development installation

Back to top ↑

Clone this repository:

git clone https://github.com/RomainFallet/server-setup

Install dependencies:

npm ci

Project commands

Back to top ↑

Lint markdown and bash files:

npm run lint

Format markdown files!

npm run format

Check dependencies vulnerabilities:

npm audit

Install latest dependencies patches:

npm update