ducoterra
5184c84d50
All checks were successful
Podman DDNS Image / build-and-push-ddns (push) Successful in 33s
1.8 KiB
1.8 KiB
Debian
Note these instructions differentiate between an operator and a server. The operator can be
any machine that configure the server. A pipeline, laptop, dedicated server, etc. are all options.
The server can be its own operator, though that's not recommended since servers should be ephemeral
and the operator will store information about each server.
Setup SSH
See README
Fail2Ban
On the server:
apt update
apt install -y fail2ban
Edit /etc/fail2ban/jail.d/defaults-debian.conf and add backend = systemd
[sshd]
enabled = true
# Add backend
backend = systemd
Enable the service
systemctl enable fail2ban --now
Automatic Updates
On the server:
apt install -y unattended-upgrades
systemctl enable --now unattended-upgrades.service
Docker
https://docs.docker.com/engine/install/debian/#installation-methods
Extras
On the server:
# Install glances for system monitoring
apt install -y glances net-tools vim
# Install zsh with autocomplete and suggestions
apt install -y zsh zsh-autosuggestions zsh-syntax-highlighting
cat <<EOF > ~/.zshrc
# Basic settings
autoload bashcompinit && bashcompinit
autoload -U compinit; compinit
zstyle ':completion:*' menu select
# Prompt settings
autoload -Uz promptinit
promptinit
prompt redhat
PROMPT_EOL_MARK=
# Syntax Highlighting
source /usr/share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh
source /usr/share/zsh-autosuggestions/zsh-autosuggestions.zsh
### Custom Commands and Aliases ###
EOF
chsh -s $(which zsh) && chsh -s $(which zsh) ducoterra
# Cockpit
apt install -y cockpit
systemctl enable --now cockpit