Differences

This shows you the differences between two versions of the page.

--- distros:ubuntu_server [2019/06/03 20:40] – [Timer] Sean Rhone
+++ distros:ubuntu_server [2024/02/07 09:01] – [Service] Sean Rhone
@@ Line 1: / Line 1: @@
 ====== Information ======
-  * Ubuntu Server ((http://www.ubuntu.com/server))
+  * Ubuntu ((https://ubuntu.com/))
-  * 18.04.1 LTS
+  * Server ((http://www.ubuntu.com/server))
+  * 23.10
+====== Installation Notes ======
+  * 23.10's installers don't work with only 512 MB of physical RAM ((2024: can't use Vultr's free tier VPS option; [[https://www.vultr.com/?ref=6906013|referral]])), but fine with 1 GB+
 ====== Download ======
+===== Etcher Image Writer =====
+  * https://etcher.balena.io/#download-etcher
+===== Ubuntu =====
   * http://www.ubuntu.com/download/server
   * http://cdimage.ubuntu.com/releases/
-====== Installation Notes ======
+====== HOSTS ======
-  * :!: Either use the Alternate or Network installer images to avoid cloud-init stuff
+  * https://github.com/StevenBlack/hosts/
-  * During installation, allow network autoconfig to occur, and then go back once prompted for a hostname; this will allow setting a static IPv4 address and custom DNS settings
+  * Unified hosts + fakenews + gambling
-====== Software ======
+===== Initial =====
-===== Repositories =====
+  * Only run once
-=== Additional Ubuntu ===
+  ls '/etc/hosts~' || wget -O '/tmp/hosts-tmp' 'https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling/hosts' && sudo cp --backup '/tmp/hosts-tmp' '/etc/hosts' && sync
+===== Update =====
+****
+  ls '/etc/hosts~' && wget -O '/tmp/hosts-tmp' 'https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling/hosts' && sudo mv --force '/tmp/hosts-tmp' '/etc/hosts' && sync
+===== Restore Backup =====
+****
+  ls '/etc/hosts~' && sudo mv --force '/etc/hosts~' '/etc/hosts' && sync
+====== Repositories ======
+===== Disable cdrom Repo =====
+  * Add a ''#'' to the line mentioning ''cdrom''
+  * Solves ''E: The repository file:/cdrom mantic Release no longer has a Release file.''
+  sudo -e '/etc/apt/sources.list'
+<code>#deb [check-date=no] file:///cdrom mantic main restricted</code>
+===== Additional Ubuntu =====
   * https://help.ubuntu.com/community/Repositories/Ubuntu
-  * Only ''universe'' is likely necessary
+  * Only ''universe'' is likely needed
-  * TODO: May not even need universe on servers
+  * 2023/05/04: There doesn't seem to be a need to enable any of these by-default
   sudo add-apt-repository 'universe'
@@ Line 29: / Line 65: @@
   sudo add-apt-repository 'restricted'
+===== Keybase =====
+  * https://keybase.io/
+  * https://prerelease.keybase.io/
+  * :!: This is only the signing key, see [[#keybase1|Keybase]] for client installation
+  wget -O '/tmp/code_signing_key.asc' 'https://keybase.io/docs/server_security/code_signing_key.asc' && sudo mv '/tmp/code_signing_key.asc' '/etc/apt/trusted.gpg.d/keybase.asc' && sync
+====== Software ======
 ===== Update =====
+==== System ====
 ****
@@ Line 36: / Line 84: @@
   sudo apt update && sudo apt full-upgrade -y && sudo apt autoremove -y && sudo apt clean && sync
-===== CPU Microcode =====
+==== Firmware ====
-==== Intel ====
+****
+  sudo fwupdmgr refresh --force && sudo fwupdmgr update --verbose && sync
+==== Snaps ====
 ****
-  intel-microcode
+  sudo snap refresh
-==== AMD ====
+===== Keybase =====
-  * Kraityn can't use this ((AMD Athlon(tm) 64 X2 Dual Core Processor 5600+))
+  * https://keybase.io
-  * TODO Oak ((AMD Phenom(tm) II X4 965 Processor))
+  * TODO: Figure out backup script
-  amd64-microcode
+  rm -Rf '/tmp/keybase_amd64.deb' && wget -O '/tmp/keybase_amd64.deb' 'https://prerelease.keybase.io/keybase_amd64.deb' && sudo apt install '/tmp/keybase_amd64.deb' && rm '/tmp/keybase_amd64.deb' && sync && run_keybase
 ====== Settings ======
-===== Cloud-Init =====
+===== GRUB =====
-  * https://cloudinit.readthedocs.io/en/latest/topics/boot.html#generator
+==== Config ====
-  * This disabled Cloud-Init
-  * :!: Can avoid this by using the Alternative or Network installer images to install instead of the default image
-  sudo touch '/etc/cloud/cloud-init.disabled'
+  * :!: [[notes:kernel_parameters|More Kernel Parameters]]
+  * Add options in ''GRUB_CMDLINE_LINUX_DEFAULT=''
-===== systemd-networkd =====
+  sudo -e '/etc/default/grub' && sudo update-grub
-  * This prevents the 2-minute start-up delay that happens for some unknown reason
+===== Drive Maintenance =====
-  * :!: This would theoretically pose a potential problem if there really is no internet connectivity ((But then again, I'm not sure what would happen without the mask even without an internet connection))
-  sudo systemctl mask 'systemd-networkd-wait-online.service' --now
+==== Trim ====
-===== Secure Shell =====
+****
-  * See [[Clients:Secure Shell]]
+  sudo systemctl enable 'fstrim.timer' --now && sudo systemctl start 'fstrim' && sync && sudo systemctl status 'fstrim' -l
-===== Timezone =====
+==== XFS Scrub ====
-  * Show list of available timezones with ''timedatectl''
+  * [[https://wiki.archlinux.org/title/XFS#Online_Metadata_Checking_(scrub)|XFS - ArchWiki]]
+  * :!: This is only necessary if XFS is being used on any persistent drives such as a NAS, and requires ''xfsprogs'' to be installed
-  sudo timedatectl set-timezone 'America/New_York'
+  sudo apt install 'xfsprogs'
-===== TRIM =====
+  sudo systemctl enable 'xfs_scrub_all.timer' --now && sudo systemctl start 'xfs_scrub_all' && sync && sudo systemctl status 'xfs_scrub_all' -l
-==== Swap ====
+===== UTC =====
-  * Add ''discard'' after ''defaults'' for the ''swap'' mountpoint ((defaults,discard))
+  * [[https://wiki.archlinux.org/index.php/System_time#Time_standard|System time - ArchWiki]]
+  * Set RTC to UTC
+  * :!: Needed if Windows is installed first
+  * :!: Windows should also be set to UTC
-  sudo -e '/etc/fstab'
+  sudo timedatectl set-local-rtc '0'
-  ,discard
+==== Verify ====
-==== Service ====
+****
-  * ''fstrim.timer'' is already enabled out-the-box, but this is useful for historical purposes
+  timedatectl | grep local
-  * TODO: Verify
-  sudo systemctl enable 'fstrim.timer' --now && sudo systemctl start 'fstrim' && sync && sudo systemctl status 'fstrim' -l
+===== OpenSSH =====
+  * See [[clients:secure_shell|Client]] notes to generate/restore public key
+  * See [[servers:secure_shell|Server]] notes to force public key auth and to further secure the OpenSSH server
+===== Sensors =====
+==== Install ====
+****
+  sudo apt install lm-sensors
+==== Detect ====
+****
+  sudo sensors-detect --auto
+==== Watch ====
+****
+  sudo watch --interval '0.5' sensors
 ===== Uncomplicated Firewall =====
   * Allows SSH
+  * :!: Does not limit SSH ((this caused issues; better to just secure SSH))
+  * See [[notes:ufw|ufw]] for more notes
   sudo ufw reset && sudo ufw default deny && sudo ufw logging off && sudo ufw allow 'ssh' && sudo ufw enable && sudo systemctl enable 'ufw'
@@ Line 106: / Line 184: @@
   * Should keep old config files in-case updated package changes their config (needs tested)
+  * :!: 2023/05/04: Not sure if this is needed still?
   sudo -e '/etc/apt/apt.conf.d/99auto-update-custom'
@@ Line 126: / Line 205: @@
 ExecStart='/usr/bin/apt' full-upgrade -y
 ExecStart='/usr/bin/apt' autoremove -y
-ExecStartPost='/bin/sync'
+ExecStart='/usr/bin/snap' refresh
-ExecStartPost='/bin/systemctl' reboot</code>
+ExecStartPost='/usr/bin/sync'
+ExecStartPost='/usr/bin/systemctl' reboot</code>
 ===== Timer =====
-  * 06:10 Kraityn
+  * ''00:00'' Alira
-  * 06:20 Alira
-  * 06:30 Oak
-  * 06:40 Hatebeat
   sudo -e '/etc/systemd/system/ubuntu-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'ubuntu-up.timer' --now
@@ Line 145: / Line 222: @@
 [Timer]
-OnCalendar=*-*-* 06:10:00
+OnCalendar=*-*-* 00:00:00
 Persistent=true
@@ Line 152: / Line 229: @@
 ====== External Backup ======
+  * :!: 2023/05/04: This hasn't been used for years and likely needs re-factored
 ===== fstab =====
@@ Line 166: / Line 245: @@
 ===== Service =====
-  * TODO: Ubuntu paths
   sudo -e '/etc/systemd/system/backup-external.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/backup-external.service'
@@ Line 195: / Line 272: @@
 ====== Notable Folders and Commands ======
-===== fstrim =====
+  * See [[notes:misc_linux]]
-****
-  sudo fstrim -v --all
-===== Show CPU Frequency =====
-  grep 'MHz' '/proc/cpuinfo'
-  watch -n 0.1 grep \'cpu MHz\' '/proc/cpuinfo'
-===== Partition Information =====
-****
-  df -hT
-===== Hyper-threading Information =====
-****
-  grep -e "processor" -e "core id" -e "^$" /proc/cpuinfo
-===== Optimal GCC compiler flags =====
-****
-  gcc -v -E -x c -march=native -mtune=native - < /dev/null 2>&1 | grep cc1 | perl -pe 's/ -mno-\S+//g; s/^.* - //g;'
-====== Privacy ======
-===== Clear Terminal History =====
-****
-  history -cw
-===== Create 7z Password Archive =====
-  * Change ''x'' in ''x.7z'' to the desired archive name
-  * Change ''CHANGEME'' in ''-pCHANGEME'' to the desired password
-za a 'x.7z' -p'CHANGEME'