RoE | Wiki

User Tools

Site Tools

Trace:
distros:ubuntu_server

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
distros:ubuntu_server [2019/02/08 20:58] Sean Rhonedistros:ubuntu_server [2024/02/07 09:01] – [Service] Sean Rhone
Line 1: Line 1:
 +====== Information ======
 +
 +  * Ubuntu ((https://ubuntu.com/))
 +  * Server ((http://www.ubuntu.com/server))
 +  * 23.10
 +
 +====== Installation Notes ======
 +
 +  * 23.10's installers don't work with only 512 MB of physical RAM ((2024: can't use Vultr's free tier VPS option; [[https://www.vultr.com/?ref=6906013|referral]])), but fine with 1 GB+
 +
 +====== Download ======
 +
 +===== Etcher Image Writer =====
 +
 +  * https://etcher.balena.io/#download-etcher
 +
 +===== Ubuntu =====
 +
 +  * http://www.ubuntu.com/download/server
 +  * http://cdimage.ubuntu.com/releases/
 +
 +====== HOSTS ======
 +
 +  * https://github.com/StevenBlack/hosts/
 +  * Unified hosts + fakenews + gambling
 +
 +===== Initial =====
 +
 +  * Only run once
 +
 +  ls '/etc/hosts~' || wget -O '/tmp/hosts-tmp' 'https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling/hosts' && sudo cp --backup '/tmp/hosts-tmp' '/etc/hosts' && sync
 +
 +===== Update =====
 +
 +****
 +
 +  ls '/etc/hosts~' && wget -O '/tmp/hosts-tmp' 'https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling/hosts' && sudo mv --force '/tmp/hosts-tmp' '/etc/hosts' && sync
 +
 +===== Restore Backup =====
 +
 +****
 +
 +  ls '/etc/hosts~' && sudo mv --force '/etc/hosts~' '/etc/hosts' && sync
 +
 +====== Repositories ======
 +
 +===== Disable cdrom Repo =====
 +
 +  * Add a ''#'' to the line mentioning ''cdrom''
 +  * Solves ''E: The repository file:/cdrom mantic Release no longer has a Release file.''
 +
 +  sudo -e '/etc/apt/sources.list'
 +
 +<code>#deb [check-date=no] file:///cdrom mantic main restricted</code>
 +
 +===== Additional Ubuntu =====
 +
 +  * https://help.ubuntu.com/community/Repositories/Ubuntu
 +  * Only ''universe'' is likely needed
 +  * 2023/05/04: There doesn't seem to be a need to enable any of these by-default
 +
 +  sudo add-apt-repository 'universe'
 +
 +  sudo add-apt-repository 'multiverse'
 +
 +  sudo add-apt-repository 'restricted'
 +
 +===== Keybase =====
 +
 +  * https://keybase.io/
 +  * https://prerelease.keybase.io/
 +  * :!: This is only the signing key, see [[#keybase1|Keybase]] for client installation
 +
 +  wget -O '/tmp/code_signing_key.asc' 'https://keybase.io/docs/server_security/code_signing_key.asc' && sudo mv '/tmp/code_signing_key.asc' '/etc/apt/trusted.gpg.d/keybase.asc' && sync
 +
 +====== Software ======
 +
 +===== Update =====
 +
 +==== System ====
 +
 +****
 +
 +  sudo apt update && sudo apt full-upgrade -y && sudo apt autoremove -y && sudo apt clean && sync
 +
 +==== Firmware ====
 +
 +****
 +
 +  sudo fwupdmgr refresh --force && sudo fwupdmgr update --verbose && sync
 +
 +==== Snaps ====
 +
 +****
 +
 +  sudo snap refresh
 +
 +===== Keybase =====
 +
 +  * https://keybase.io
 +  * TODO: Figure out backup script
 +
 +  rm -Rf '/tmp/keybase_amd64.deb' && wget -O '/tmp/keybase_amd64.deb' 'https://prerelease.keybase.io/keybase_amd64.deb' && sudo apt install '/tmp/keybase_amd64.deb' && rm '/tmp/keybase_amd64.deb' && sync && run_keybase
 +
 +====== Settings ======
 +
 +===== GRUB =====
 +
 +==== Config ====
 +
 +  * :!: [[notes:kernel_parameters|More Kernel Parameters]]
 +  * Add options in ''GRUB_CMDLINE_LINUX_DEFAULT=''
 +
 +  sudo -e '/etc/default/grub' && sudo update-grub
 +
 +===== Drive Maintenance =====
 +
 +==== Trim ====
 +
 +****
 +
 +  sudo systemctl enable 'fstrim.timer' --now && sudo systemctl start 'fstrim' && sync && sudo systemctl status 'fstrim' -l
 +
 +==== XFS Scrub ====
 +
 +  * [[https://wiki.archlinux.org/title/XFS#Online_Metadata_Checking_(scrub)|XFS - ArchWiki]]
 +  * :!: This is only necessary if XFS is being used on any persistent drives such as a NAS, and requires ''xfsprogs'' to be installed
 +
 +  sudo apt install 'xfsprogs'
 +
 +  sudo systemctl enable 'xfs_scrub_all.timer' --now && sudo systemctl start 'xfs_scrub_all' && sync && sudo systemctl status 'xfs_scrub_all' -l
 +
 +===== UTC =====
 +
 +  * [[https://wiki.archlinux.org/index.php/System_time#Time_standard|System time - ArchWiki]]
 +  * Set RTC to UTC
 +  * :!: Needed if Windows is installed first
 +  * :!: Windows should also be set to UTC
 +
 +  sudo timedatectl set-local-rtc '0'
 +
 +==== Verify ====
 +
 +****
 +
 +  timedatectl | grep local
 +
 +===== OpenSSH =====
 +
 +  * See [[clients:secure_shell|Client]] notes to generate/restore public key
 +  * See [[servers:secure_shell|Server]] notes to force public key auth and to further secure the OpenSSH server
 +
 +===== Sensors =====
 +
 +==== Install ====
 +
 +****
 +
 +  sudo apt install lm-sensors
 +
 +==== Detect ====
 +
 +****
 +
 +  sudo sensors-detect --auto
 +
 +==== Watch ====
 +
 +****
 +
 +  sudo watch --interval '0.5' sensors
 +
 +===== Uncomplicated Firewall =====
 +
 +  * Allows SSH
 +  * :!: Does not limit SSH ((this caused issues; better to just secure SSH))
 +  * See [[notes:ufw|ufw]] for more notes
 +
 +  sudo ufw reset && sudo ufw default deny && sudo ufw logging off && sudo ufw allow 'ssh' && sudo ufw enable && sudo systemctl enable 'ufw'
 +
 +====== Automatic Updates ======
 +
 +===== Config =====
 +
 +  * Should keep old config files in-case updated package changes their config (needs tested)
 +  * :!: 2023/05/04: Not sure if this is needed still?
 +
 +  sudo -e '/etc/apt/apt.conf.d/99auto-update-custom'
 +
 +<code>
 +Dpkg::Options {
 +   "--force-confdef";
 +   "--force-confold";
 +}</code>
 +
 +===== Service =====
 +
 +  sudo -e '/etc/systemd/system/ubuntu-up.service'
 +
 +<code>
 +[Service]
 +Type=oneshot
 +ExecStartPre='/usr/bin/apt' clean
 +ExecStart='/usr/bin/apt' update
 +ExecStart='/usr/bin/apt' full-upgrade -y
 +ExecStart='/usr/bin/apt' autoremove -y
 +ExecStart='/usr/bin/snap' refresh
 +ExecStartPost='/usr/bin/sync'
 +ExecStartPost='/usr/bin/systemctl' reboot</code>
 +
 +===== Timer =====
 +
 +  * ''00:00'' Alira
 +
 +  sudo -e '/etc/systemd/system/ubuntu-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'ubuntu-up.timer' --now
 +
 +<code>
 +[Unit]
 +Description=Software Package Maintenance and Updater
 +After=network-online.target
 +Wants=network-online.target
 +
 +[Timer]
 +OnCalendar=*-*-* 00:00:00
 +Persistent=true
 +
 +[Install]
 +WantedBy=timers.target</code>
 +
 +====== External Backup ======
 +
 +  * :!: 2023/05/04: This hasn't been used for years and likely needs re-factored
 +
 +===== fstab =====
 +
 +  * Expects a drive of some kind with a XFS partition at ''/dev/sdb1''
 +
 +  sudo mkdir -p '/mnt/USB' && sudo -e '/etc/fstab'
 +
 +<code>
 +# USB
 +/dev/sdb1 /mnt/USB xfs rw,relatime,attr2,inode64,noquota 0 2</code>
 +
 +  sudo mount '/dev/sdb1'
 +
 +===== Service =====
 +
 +  sudo -e '/etc/systemd/system/backup-external.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/backup-external.service'
 +
 +<code>
 +[Service]
 +Type=oneshot
 +ExecStartPre='/usr/bin/sync'
 +ExecStart='/usr/bin/rsync' -r '/home/CHANGEME/backups' '/mnt/USB' --verbose --ignore-existing
 +ExecStartPost='/usr/bin/sync'</code>
 +
 +===== Timer =====
 +
 +  sudo -e '/etc/systemd/system/backup-external.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'backup-external.timer' --now
 +
 +<code>
 +[Unit]
 +Description=Backup Backups to External Device
 +
 +[Timer]
 +OnCalendar=*-*-* 07:00:00
 +Persistent=true
 +
 +[Install]
 +WantedBy=timers.target</code>
 +
 +====== Notable Folders and Commands ======
 +
 +  * See [[notes:misc_linux]]
  
/var/www/wiki/data/pages/distros/ubuntu_server.txt · Last modified: 2024/02/07 09:22 by Sean Rhone