Differences

This shows you the differences between two versions of the page.

--- distros:ubuntu_server [2019/02/08 20:58] – Sean Rhone
+++ distros:ubuntu_server [2020/06/12 03:03] – Sean Rhone
@@ Line 1: / Line 1: @@
+====== Information ======
+  * Ubuntu Server ((http://www.ubuntu.com/server))
+  * 20.04 LTS
+====== Known Issues ======
+  * None
+====== Download ======
+  * http://www.ubuntu.com/download/server
+  * http://cdimage.ubuntu.com/releases/
+====== Installation Notes ======
+  * During installation, allow network autoconfig to occur, and then go back once prompted for a hostname; this will allow setting a static IPv4 address and custom DNS settings
+====== Repositories ======
+===== Additional Ubuntu =====
+  * https://help.ubuntu.com/community/Repositories/Ubuntu
+  * Only ''universe'' is likely necessary
+  * TODO: May not even need universe on servers
+  sudo add-apt-repository 'universe'
+  sudo add-apt-repository 'multiverse'
+  sudo add-apt-repository 'restricted'
+====== Software ======
+===== Update =====
+==== System ====
+****
+  sudo apt update && sudo apt full-upgrade -y && sudo apt autoremove -y && sudo apt clean && sync
+==== Snaps ====
+****
+  sudo snap refresh
+===== General =====
+==== Bare-metal ====
+****
+  sudo apt install lm-sensors
+===== Keybase =====
+  * https://keybase.io
+  * TODO: Figure out backup script
+  wget -O '/tmp/keybase_amd64.deb' 'https://prerelease.keybase.io/keybase_amd64.deb' && sudo dpkg --install '/tmp/keybase_amd64.deb' && sudo apt install -f && rm '/tmp/keybase_amd64.deb' && sync && run_keybase
+====== Settings ======
+===== OpenSSH =====
+  * See [[clients:secure_shell|OpenSSH Client]] notes to generate/restore public key
+  * See [[servers:secure_shell|OpenSSH Server]] notes to force public key auth and to further secure the OpenSSH server
+===== Sensors =====
+==== Detect ====
+****
+  sudo sensors-detect --auto
+==== Watch ====
+****
+  sudo watch -n0.1 sensors
+===== Uncomplicated Firewall =====
+  * Allows SSH
+  * :!: Does not limit SSH ((this caused issues; better to just secure SSH))
+  * See [[notes:ufw|ufw]] for more notes
+  sudo ufw reset && sudo ufw default deny && sudo ufw logging off && sudo ufw allow 'ssh' && sudo ufw enable && sudo systemctl enable 'ufw'
+====== Automatic Updates ======
+===== Config =====
+  * Should keep old config files in-case updated package changes their config (needs tested)
+  sudo -e '/etc/apt/apt.conf.d/99auto-update-custom'
+<code>
+Dpkg::Options {
+   "--force-confdef";
+   "--force-confold";
+}</code>
+===== Service =====
+  sudo -e '/etc/systemd/system/ubuntu-up.service'
+<code>
+[Service]
+Type=oneshot
+ExecStartPre='/usr/bin/apt' clean
+ExecStart='/usr/bin/apt' update
+ExecStart='/usr/bin/apt' full-upgrade -y
+ExecStart='/usr/bin/apt' autoremove -y
+ExecStartPost='/bin/sync'
+ExecStartPost='/bin/systemctl' reboot</code>
+===== Timer =====
+  * 06:10 Kraityn
+  * 06:20 Alira
+  * 06:30 Oak
+  * 06:40 Hatebeat
+  sudo -e '/etc/systemd/system/ubuntu-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'ubuntu-up.timer' --now
+<code>
+[Unit]
+Description=Software Package Maintenance and Updater
+After=network-online.target
+Wants=network-online.target
+[Timer]
+OnCalendar=*-*-* 06:10:00
+Persistent=true
+[Install]
+WantedBy=timers.target</code>
+====== External Backup ======
+===== fstab =====
+  * Expects a drive of some kind with a XFS partition at ''/dev/sdb1''
+  sudo mkdir -p '/mnt/USB' && sudo -e '/etc/fstab'
+<code>
+# USB
+/dev/sdb1 /mnt/USB xfs rw,relatime,attr2,inode64,noquota 0 2</code>
+  sudo mount '/dev/sdb1'
+===== Service =====
+  * TODO: Ubuntu paths
+  sudo -e '/etc/systemd/system/backup-external.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/backup-external.service'
+<code>
+[Service]
+Type=oneshot
+ExecStartPre='/usr/bin/sync'
+ExecStart='/usr/bin/rsync' -r '/home/CHANGEME/backups' '/mnt/USB' --verbose --ignore-existing
+ExecStartPost='/usr/bin/sync'</code>
+===== Timer =====
+  sudo -e '/etc/systemd/system/backup-external.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'backup-external.timer' --now
+<code>
+[Unit]
+Description=Backup Backups to External Device
+[Timer]
+OnCalendar=*-*-* 07:00:00
+Persistent=true
+[Install]
+WantedBy=timers.target</code>
+====== Notable Folders and Commands ======
+===== fstrim =====
+****
+  sudo fstrim -v --all
+===== Show CPU Frequency =====
+  grep 'MHz' '/proc/cpuinfo'
+  watch -n 0.1 grep \'cpu MHz\' '/proc/cpuinfo'
+===== Partition Information =====
+****
+  df -hT
+===== Hyper-threading Information =====
+****
+  grep -e "processor" -e "core id" -e "^$" /proc/cpuinfo
+===== Optimal GCC compiler flags =====
+****
+  gcc -v -E -x c -march=native -mtune=native - < /dev/null 2>&1 | grep cc1 | perl -pe 's/ -mno-\S+//g; s/^.* - //g;'
+====== Privacy ======
+===== Clear Terminal History =====
+****
+  history -cw
+===== Create 7z Password Archive =====
+  * Change ''x'' in ''x.7z'' to the desired archive name
+  * Change ''CHANGEME'' in ''-pCHANGEME'' to the desired password
+za a 'x.7z' -p'CHANGEME'