joDoc

Benutzer-Werkzeuge

Webseiten-Werkzeuge

Zuletzt angesehen:
contabo:setup

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Nächste Überarbeitung		Vorhergehende Überarbeitung
contabo:setup [2021/11/01 12:49] – created jodoccontabo:setup [2024/12/22 23:17] (aktuell) – [Set up SUDO] jodoc
Zeile 1: Zeile 1:
 ====== Contabo server setup ====== ====== Contabo server setup ======
  
-Just after setup of Ubuntu 20.04 server there are several things to do. For the very first step you need to login as root via ssh, but all subsequent steps should be done as you new sudo user.+Just after setup of Ubuntu 20.04 VPS server at [[https://www.contabo.de|Contabo]] there are several things to do, mainly to set up a proper and save user account as well as the ssh daemon.
  
-===== Set up SUDO =====+===== Preparation =====
  
-This might be a bit tricky, suggestion is to actually login into the server using **two ssh terminals/sessions as root**and use one of the terminals to work and the other to fix things if they go wrong;-)+For the first two steps you need to login as root via ssh. All subsequent steps should be done as you new sudo user that you create in step two. However, suggestion is to open **two terminals/sessions** as root user to the server and only work in one of the terminals for the first three steps (IPv6, SUDO and SSHD setup) and have the other one available if something does not workAfter the third step is verified, you can close the second terminal/session. 
 + 
 +===== Enable IP v6 ===== 
 + 
 +This is a specific thing with contabo: Per default, IPv6 is //NOT// enabled, and should be done manually. Luckily, there is a command available to do it, but this is just made available via an alias definition in the root's '.bashrc': 
 + 
 +<code> 
 +alias enable_ipv6='sed -i "/net.ipv6.conf.all.disable_ipv6.*/d" /etc/sysctl.conf && sysctl -q -p && echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6 && sed -i "s/#//" /etc/netplan/01-netcfg.yaml && netplan generate && netplan apply' 
 +</code> 
 + 
 +So to perform this step, login as root and call 
 + 
 +<code> 
 +enable_ipv6 
 +</code> 
 + 
 +Done. 
 + 
 +===== Set up SUDO =====
    
-1) Add a user, make her part of ''sudo'' group+Login into server as root, add a user (''johndoe'' in this example)add user to ''sudo'' group
  
 <code> <code>
-adduser jrathert +adduser johndoe 
-adduser jrathert sudo+adduser johndoe sudo
 </code> </code>
  
-2) Log out and in as the new user and try if sudo works (by updating the apt database)+Log out and in with ssh as the new user and try if ''sudo'' works (e.g., by updating the apt database)
    
 <code> <code>
Zeile 20: Zeile 38:
 </code> </code>
  
-3) If everything worked, disable the root account (by deleting and locking it, see ''man passwd'')+If everything worked, disable the root account (by deleting and locking it, see ''man passwd'').  
 + 
 +:!: **Attention**: You can not login as root or ''su'' to root after this step. So please make sure that your new sudo user setup and ssh **really work**! 
  
 <code> <code>
Zeile 29: Zeile 49:
  
 Make sure ssh daemon listens on different port and does not allow root login: Make sure ssh daemon listens on different port and does not allow root login:
-  * Set ''Port 3141'' +  * Set ''Port <your port here>'' 
-  * Set ''PermitRootLogin no'' # or comment our ''yes''+  * Set ''PermitRootLogin no'' # or comment out a line with ''yes''
  
 <code> <code>
Zeile 40: Zeile 60:
  
 <code> <code>
-ssh -p 3141 jrathert@<server>  +ssh -p <yourport here> johndoe@<server>  
 </code> </code>
  
-If everything works, you can and should close all other (root) terminals / sessions to the server!+**If everything works, you can and should close all other (root) terminals / sessions to the server now**
  
  
 ===== Update Ubuntu ===== ===== Update Ubuntu =====
  
 +As a last step to make sure everything is up-to-date.
  
 <code>sudo apt update && sudo apt upgrade</code> <code>sudo apt update && sudo apt upgrade</code>
  
-===== Enable IP v6 ===== +====== Using the server ======
- +
- +
- +
-====== Set up other applications/servers ====== +
- +
-  - Reconfigure ssh daemon (port) +
-  - Set up relevant servers: Apache, MariaDB, Exim - see separate documents+
  
 +Of course there are many other relevant servers / daemons to be configured appropriately. The descriptions are, however, not Contabo specific, documentation can be found in the server section.
  
-asd+  *  Apache httpd server, incl. SSL via letsencrypt 
 +  *  PHP as part of Apache 
 +  *  MariaDB as database 
 +  *  Exim as local mail daemon
  
contabo/setup.1635767345.txt.gz · Zuletzt geändert: 2021/11/01 12:49 von jodoc